• I installed this plugin soon after starting my website. I just checked my log while looking at the settings for “Limit Login Attempts” I noticed that there were over 300 lockout IP addresses. the top one had 47 lockouts. Most had one or two, but there were many multiple attempts over 10. I’m sure that if this plugin wasn’t installed some of these hackers would have pounded my site with login attempts. Fortunately, I have a strong password and this plugin.

Viewing 1 replies (of 1 total)
  • A strong password is good. Hopefully, you are not using “Admin” username for your admin tasks. Make it something different and with a few special characters just like you would for your password. And then, do not post as Admin; create a different account for posting.

    And while we’re on this topic (sort of), for sites that make you create security questions and answers, pick any security questions, and then make the answers random with alphanumeric and special characters. I do this on every site now. Q: What’s your favorite food? A: s9#mvL*%@K%
    We are all using some sort of password manager by now, I hope, so using a “random” looking password like this is not something you’ll have to remember.

    I have multiple sites hosted at Flywheel (getflywheel.com) and they force this plugin as a must-use (muplugin). My oldest site there is 3 years and has never been hacked, even though I can see about a dozen lockouts per day.

Viewing 1 replies (of 1 total)
  • The topic ‘This Plugin is Great. Surprisingly Effective’ is closed to new replies.