Name: Brute-Force-Login-Prevention
Owner: 10up
Description: Assists in preventing common brute force login attempts by modifying the default login URL for WordPress.
Created: 2013-05-29 21:45:44.0
Updated: 2017-10-04 18:04:38.0
Pushed: 2013-05-29 23:50:01.0
Homepage: null
Size: 151
Language: PHP
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Brute Force Login Prevention isn't as much a security measure as it is a stop this brute force bot from swamping my server, please measure.
By preventing access to the default wp-admin/
and wp-login.php
URLs used by WordPress during the login process, you can quickly get a bot to go elsewhere to look for prey. Combine this with username other than admin
and a secure password and things are looking pretty good.
brute-force-login-prevention.conf
in your site's Nginx configuration. This can be done with some careful copy/paste or with the Nginx include directive.brute-force-login-prevention.php
in the wp-content/mu-plugins/
directory of your WordPress installation.