This plugin has been protecting WordPress sites of our clients for a few years very effectively. Because its high efficiency the installation of it became a mandatory rule for all our customers. The plugin can recover a site from being completely inaccessible to back-to-normal in seconds, right after you install it.
We decided to share this plugin out of respect to the WordPress community. You are welcome to use it on any of your free or commercial sites.
The plugin doesn't have any settings. It starts working right after you install it. It utilizes a very simple idea: when a real user accesses the login page, the plugin sets a validation cookie for this user. After the user submitted the log in form, the plugin checks if the cookie is there and correct. If so, the user is allowed to log in. Otherwise the user gets bounced off. Since malicious bots attack the WordPress login page directly, they don't get the protection cookie and hence always get bounced off. Moreover validation happens at the server level BEFORE WordPress is even accessed (via .htaccess file) and hence no load is directed to the WordPress at all. The secure cookie is encrypted and unique for every site so the bots can't falsify it. Simple and effective!
Please pay attention to the following information:
- This plugin only works on the servers that support .htaccess files. Most Linux servers do.
- This plugin protects against DDoS CAUSED by brute-force attacks ONLY. This is the most common cause for an operational WordPress site to be down though. If your site is under attack for other reasons (for example if you got a lot of traffic to one of your posts) this plugin will not help!
- We are willing to help you if you have any issues with the plugin. Please use the support forum. We check it regularly.
Security-protection
WordPress Pro plugins |
Security-protection |
Donate
Why humans should prove that they are humans by filling captchas? Lets bots prove that they are not bots with adding javascript to their user-agents!
Security-protection blocks and stops brute-force attacks.
Want to read more how Securit.........
Botnet Attack Blocker
After the recent global distributed botnet attack on WordPress installations that took down servers and broke into admin accounts, I thought I'd write a plugin to prevent it happening again.
Distributed botnet attacks can come from multiple IP addresses and locations at the same time, so convention.........
WP Cerber
Limit the number of login attempts through the login form, XML-RPC requests or using auth cookies. Restrict access with Black Access List and White Access List. Track user and intruder activity.
=How does WP Cerber protect sites?=
By default WordPress allows unlimited login attempts either through.........
Login Dongle
Login Dongle protects your login by means of a security question
(AKA challenge/response) as an extra security layer. A bookmark is your login dongle....
Project Force Field
Faison Zutavern, Jon Valcq, and Emma Edgar, from Orion Group LLC, bring superior Brute Force Attack protection to WordPress with their new plugin, Project Force Field. By tracking failed login attempts and taking advantage of Apache's mod_rewrite module, Project Force Field stops Brute Force Attacks.........
Private! WordPress Access Control Manager
Private! makes it possible to build private blogs for your friends, family or your business.
But Private! can do much more for you!...
AskApache Password Protect
This is totally and completely unlike any other security plugin for WordPress. They operate at the application-level by controlling or using PHP to stop attacks, this plugin works at the network-level BEFORE PHP, which is why this plugin is so darn effective. This plugin is specifically designed t.........
Apache Password Protect
Protect wp-admin folder and the wp-login.php file of HTTP password...
Anti-Spam by CleanTalk - No Captcha, no comments & registrations spam
No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots....
Limit Attempts Booster
Limit Attempts Booster was designed to manage the access to users website and provide bullet proof security to your website.
With Limit Attempts Booster, you can limit users attempts to log in to your website and consequently, block the user for a certain period of time.
Apart from that, Limit Att.........
