WordPress allows for an unlimited number of user login attempts by default, making the site vulnerable to security threats. Hackers can use different passwords to crack passwords with unlimited login attempts. Of course, if you use a firewall, this is taken care of, but if you don't, you can limit logins and secure your WordPress site with the LoginLockDown Plugin. Login LockDown logs every failed login attempt, along with the IP address and timestamp. If a certain number of login attempts from the same IP range are detected in a short period of time, the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. This article will walk you through installing and configuring the LoginLockDownPlugin to prevent brute force password guessing.
To install and configure Login LockDown Plugin, follow these steps:
Search for “Login LockDown” click Install, and then click Activate the plugin:
On the Dashboard in the left sidebar, click Settings and then click on on Login Lock Down:
Click on Update Settings, to set the max login tries, retry time period and other settings to limit the login attempts:
For more information about the Login Lockdown Plugin, please visit https://wordpress.org/plugins/login-lockdown/
Subscribe to receive weekly cutting edge tips, strategies, and news you need to grow your web business.
No charge. Unsubscribe anytime.