Recently our hosting blocked one of our wordpress site and we couldn’t find the exact reason and when we requested about this problem to our hosing they mentioned that the site gets overloaded from a particular IP address (brute force attack) and we finally concluded it as a hacker trying to access our wordpress admin panel using some malicious software.
This made us to limit login attempts in wordpress site and we are here to help you on how to limit login attempts in your wordpress site.
Reason to limit login attempts in wordpress site
Hackers at first try to access your site through wordpress admin panel. Using admin as a username should be strictly avoided which we discussed in this article about how to prevent wordpress site from being hacked.
Hackers usually develop a script to find out passwords. In wordpress by default you can try and attempt as many failed logins which becomes easy for hackers to guess your wordpress password.
By limiting login attempts in wordpress site you can prevent your site from hackers. So when a user try to access your wordpress login for more than (sorry we forget to mention about this plugin “Limit login attempts”) the limit that is specified in plugin settings then he will be blocked for a time period.
How to limit login attempts in wordpress site
First install and activate “limit login attempts” plugin. Now go to dashboard >> settings >> Limit login attempts and specify the number of login attempts and minute’s to lockout.
You can set the number of hours to lockout if the lockout number exceeds. You can also see the statistics of the lockouts and you can get notification through email if it exceeds more than the specified number of lockout.
Check out this article on how to protect your wordpress site from being hacked and how to password protect your wordpress admin directory (double authentication).