Support Forum

Simple:Press 6 General Topics

Stopping Brute Force Attack - Block IPs or Captcha

Stopping Brute Force Attack - Block IPs or Captcha

joon lee

Member

Offline

Mar 18, 2014 - 10:09 pm

I am suffering from a brute force attack and we have more than 2000 members who can't login to the site.

https://www2.suresupport.com/b.....ected.html

We installed the plugin "wordfence" but I found out that a lot of IPs tried to login with the username "admin"

I was thinking, maybe we can have an option in the "login" area to activate "simple press login captcha" to block these brute force attack.

What do you recommend us to do?

Brandon

U.S.

SP Wrangler

Free Members

Offline

Mar 18, 2014 - 11:17 pm

I like the limit login attempts. http://wordpress.org/plugins/l.....-attempts/ It stops the bots from guessing after so many tries.

Adding a captcha is good too. Sometimes more than just one thing helps.

Trying the username of Admin is also not uncommon. You shouldn't use that username at all on the site.

Custom Simple Press Themes

joon lee

Member

Offline

Mar 18, 2014 - 11:43 pm

How other members manage this?

because after 20 bruteforce attack, our server says,

https://www2.suresupport.com/b.....ected.html

and captcha can't stop the message. Failed login attempts -> it doesn't really work because brute force is attacking from 20 different IPs

Mr Papa

Simi Valley, CA

SP Master

Free Members

Offline

Mar 18, 2014 - 11:57 pm

I do the limit login attempt things... wont stop but does slow down... would suggest searching wp forums as they have suggestions such as http authentication and other more obtrusive steps...

Visit Cruise Talk Central and Mr Papa's World

All RSS

Forum Timezone: Europe/Stockholm

Most Users Ever Online: 1170

Currently Online:

Guest(s) 1

Currently Browsing this Page:
1 Guest(s)