Wordpress Anti Brute Force

BRAVO WP ultimate security - Wordpress Plugin, Read full features to learn how to secure Wordpress site using Bravo.

Go Pro!

Wordpress Brute Force Protection Tips


What is the brute force attack?

Brute Force means that attackers try many passwords or passphrases in order to gussing something true to get your site owned by them.
If you want to attack the Wordpress site, you should know the weaknesses in Wordpress, Wordpress is an open source platform and it is famous more than any CMS, Attackers are not facing any difficulties while they try to unlock your WP-admin access.
Our mission here is to make this attack impossible or more difficult, The matter which force attacker to leave your Wordpress with a huge disappointment.

The most serious anti brute force steps

The next anti brute force steps are available in Bravo as a layer of the security layers by Bravo security plugin.
  1. Change Wordpress Login Method:
    such as the login username should be the email only, to prevent username guessing by attackers.
  2. Enforce Strong Passwords:
    It is recommended to enable this option, to enforce all users to use strong passwords while they are updating their passwords at the next times.
  3. Maximum Login Attempts Per IP:
    Available attempts to login with wrong details per IP address before blocking.
  4. Add some IPs to white list:
    In order to make your IP at the safe side.
  5. Maximum Login Attempts Per USER:
    Available attempts to login with wrong details per USER before blocking.
  6. Time Before Unblock:
    The period which you give to the blocked user before the system allows him again to login.
  7. Disallowed usernames for login:
    Add some usernames to block it from using to login.
  8. Disallowed usernames for register:
    Add some usernames to block it from using to register new membersihp.
  9. Disallowed email hosts/providers:
    Add some email hosts/providers to block it from using to register or login.
  10. Disallowed countires (for register):
    Add some countries to prevent its visitors from register new membership.
  11. Moderate New Members (new registered users):
    If you enable this option, this means all new users will be not able to login before administrator approves their accounts.
  12. Minimum Chars for Username (Min Limit) (new users):
    Set the minimum for the new registered username chars , new user can not complete registration before reaching at least the minimum for his username chars.
  13. Minimum Chars for Username (Max Limit) (new users):
    Set the maximum for the new registered username chars , new user can not complete registration if his username more than the maximum limit.
Also, Do not forget to turn the reCAPATCHA on for the register and reset passwords, read more!