Protect WordPress from Brute Forcers using Login LockDown

 

Brute-force password cracking is a well-known technique for getting past login forms and similar checks by trying a huge number of possible passwords in very little time. Back in the 2000s the technique was widely used by brute forcers all over the world to easily hack into Yahoo/Microsoft email accounts, but it was taken care of later on.


Unfortunately, WordPress does not take care of this security loophole, and anyone can access your WordPress login form at http://www.MyWordpressBlog.com/wp-admin/

Once a hacker has brute-forced the login and authenticated, he can easily access all your posts, comments and blog data, and then God knows what he might do to it. So for enhanced security, every WordPress user is recommended to use the Login LockDown WordPress plugin.

This plugin records the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.

By default, the plugin will ban an IP from accessing the login form for 1 hour if it fails to authenticate itself more than 3 times within 5 minutes. However, these settings can be changed easily.
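The lockout rule described above can be modelled in a few lines. This is an added example, not the plugin's own code: the names `LoginLockout`, `replay` and `SAMPLE` are hypothetical, the events are constructed, and treating an "IP range" as an IPv4 /24 is an assumption.

```python
import ipaddress
from collections import defaultdict, deque

class LoginLockout:
    def __init__(self, max_failures=3, window=300, lockout=3600, prefix=24):
        self.max_failures = max_failures  # more than this many failures bans
        self.window = window              # seconds over which failures count
        self.lockout = lockout            # ban length in seconds
        self.prefix = prefix              # assumption: "IP range" = IPv4 /24
        self.failures = defaultdict(deque)  # range -> recent failure times
        self.locked_until = {}              # range -> time the ban ends

    def _range(self, ip):
        return ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)

    def is_locked(self, ip, now):
        until = self.locked_until.get(self._range(ip))
        return until is not None and now < until

    def record_failure(self, ip, now):
        """Log one failed login; return True if it triggers a ban."""
        key = self._range(ip)
        recent = self.failures[key]
        recent.append(now)
        while now - recent[0] > self.window:  # drop failures outside window
            recent.popleft()
        if len(recent) > self.max_failures:
            self.locked_until[key] = now + self.lockout
            return True
        return False

def replay(events, guard=None):
    """Replay (seconds, ip, password_ok) events; return one decision each."""
    guard = guard or LoginLockout()
    out = []
    for now, ip, ok in events:
        if guard.is_locked(ip, now):
            out.append("blocked")  # form refused, even with the right password
        elif ok:
            out.append("allowed")
        else:
            out.append("locked" if guard.record_failure(ip, now) else "failed")
    return out

# Constructed sample events using documentation address ranges.
SAMPLE = [(0, "203.0.113.10", False), (60, "203.0.113.11", False),
          (120, "203.0.113.10", False), (180, "203.0.113.12", False),
          (200, "203.0.113.10", True), (210, "198.51.100.7", True),
          (3780, "203.0.113.10", True)]
```

In the sample, the fourth failure from the range triggers the ban, and the correct password at second 200 is still refused because the whole range is locked; legitimate users behind the same range are locked out too until the hour expires.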

Download Login LockDown

Installing the plugin is as easy as upload, unzip and activate.

source

~ by suke on February 29, 2008.
