login attempts through the login page & auth cookies

  • Resolved systemcloud

    (@websnextlevel)


    10 years, 8 months ago

    Hi, I was looking at plugins to mitigate against brute force login attacks and see your plugin is up-to-date, great!

    What I wanted to know is whether its protects against the two following items (like the “Limit Login Attempts/” plugin):

    – login attempts through the login page
    – attempts to log in using auth cookies in same way.

    Also, how else does it differ from the “Limit Login Attempts/” plugin?

    Thanks, I look forward to your response.

    Kevin

    https://www.ads-software.com/plugins/bruteprotect/

Viewing 1 replies (of 1 total)
  • Plugin Author Jesse Friedman

    (@professor44)

    Hi Kevin

    We have a lot of resources on https://bruteprotect.com to help you answer these questions but to answer it quickly we use cloud powered data to communicate attack vectors between sites.

    For example if you have 1 site using Limit Login Attempts, you’ll block 1 IP after they try to bruteforce your login 5 times. Then the botnet will just use another IP address and keep going. Some botnets have 100’s of thousands of IP addresses at their disposal.

    BruteProtect connects all the sites in our network. So if one IP is blocked on my site, it will also be blocked on your site. So botnets are far less effective.

    Jesse

Viewing 1 replies (of 1 total)
  • The topic ‘login attempts through the login page & auth cookies’ is closed to new replies.