Login LockDown Security Plug-in

One of the most common forms of attack used by hackers is called a brute force attack.

This attack involves testing password after password on a WordPress account until one of them hits and opens up the administration features of the blog. To avoid becoming the victim of such an attack, the Login LockDown plug-in is a good choice. 

With a brute force attack, the hacker is reliant on the site giving them unlimited login attempts.

A plug-in such as Login LockDown limits the amount of times that an failed attempt can be made from a block of IP addresses before the system shuts out the hacker entirely. It also creates a log of the IP addresses from which the attempt was made.

The way this plug-in works is very smart.

If there are more than three failed login attempts within a period of 5 minutes, the originating IP range is blocked from making any further login attempts. This basically removes the brute force attack as a viable means of hacking into your blog.

The log allows you to see where the attempt was made from and, if you choose, to unlock those IP addresses again so that a legitimate user can get back into their account. In most cases, however, you’ll probably find that you have no real reason to open up the IP range again, as there’s little chance that someone would repetitively try to get into their account in this fashion.

This simple plug-in, or others like it, can vastly increase your website’s security and is a necessity for everyone.

Leave a Comment