Limiting login attampts is a must have security measure in wordpress. There are hackers everywhere trying to get into your wordpress installation and that is why it is recommended to limit the allwed number of login attempts to prevent bruteforce attampts.
Recently we covered how to change wordpress default database prefix and now we’re back with a guide for limiting allowed number of login attempts. Previously, to prevent brute force attacks, wordpress webmasters used user lockdown features which used to lock the user out of the site if anyone tried to bruteforce that user account.
To make this more understandable, here is an example. Suppose there is a username “admin” in your wordpress site. And you are using any lockdown plugin. Now what whould happen is your account would get locked if someone tried to log into your account with wrong login credientials. At first this seemed a very good idea as your account was safe from bruteforce attack but the biggest drawback of this is that you are also locked out of your account. Now if anyone out there will make some unsuccessfull login attempts, knowing that it would not work, will lock your account. Then you have to contact your administrator to unlock your account.
But now you can install “Limit login attempts” plugin. This plugin will only blacklist the ip address of attacker and your account will remain safe and unlocked.
You simply have to follow a couple of steps and you are pretty much good to go.
- Login to your wordpress admin area.
- Click Plugins
- Click “Add New”
- Search for “Limit login attempts” and install that plugin.
- Next you have to make appropriate changes in the plugin settings and you are done with that.
If you like out posts, share with others on social networks. Don’t forget to join us on Facebook, twitter, Google+
Provide us your feedback if you have any questions or suggestions in the comments section below.