Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL
Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist
Limit Login Attempts Plugin – Use It To Stop Brute Force Attacks | WP Learning Lab
The Limit Login Attempts WordPress Plugin is used to help prevent brute force login attacks. You can read more about this WordPress security plugin here: https://wordpress.org/plugins/limit-login-attempts/
Let me first explain what Brute Force Attacks are. When a hacker tries to access your site by guessing username and password combinations using automated software that is called a Brute Force Attack. The default WordPress login form even gives hackers a hint when they get the username right.
The error message on the login form says “username and password are incorrect” when they are both incorrect. However, when the username is correct and the password is not correct the error message reads, “that is not that correct password for this username”.
At that point the hacker knows the right username and now they just have to guess the password. Without a WordPress safety plugin or other WordPress protection, the hacker can try to login as many times as they want. They could theoretically guess millions of username and password combinations until they find the right now.
That is where the WordPress Limit Logins Attempts plugin comes in. Once installed and activated you can limit the number of incorrect or WordPress bad logins someone can have. For example, you could block someone from trying to login more than 3 times in a row. You can also set how long they are locked out.
An unfortunate side effect of having a security plugin like this is that sometimes you may be locked out yourself 🙁 A great way to remember your passwords is using an app like Lastpass (check out this video about remember secure passwords: https://youtu.be/GjYieubvUMA)
Luckily there are two ways to unblock your user account. I’ve created videos for each of them and the links to access them are below.
MySQL Limit Login Attempts unblock: https://youtu.be/r70hPajyVhQ
FTP Limit Login Attempts unblock: https://youtu.be/8V9K_Wwf7pM
So if you are wondering how to secure my blog or how to secure wordpress, this security plugin is a great first step.
I hope these WordPress security tips help you! If you have any questions leave a comment below or ping me @WPLearningLab on Twitter.
If you want more excellent WordPress information check out our website where we post WordPress tutorials daily.
Connect with us:
WP Learning Lab Channel: http://www.youtube.com/subscription_center?add_user=wplearninglab
Google Plus: http://google.com/+Wplearninglab