GuardGiant brute force protection

Thank you for your message. GuardGiant will provide protection against this type of attack.

Kind regards,

GuardGiant team.

Hi Ankit,
Thank you for your message.

You raise a good point regarding large numbers of users sharing a single IP address. The benefit of using a ‘Trusted’ devices system such as GuardGiant is that it will not block every user from that IP address – only ‘Unrecognised’ devices are affected. In contrast, a ‘limit logins’ plugin would implement a blanket ban and affect all users attempting to login from that IP address (this is why the ‘Trusted’ devices approach is used by larger sites). Note that you can disable blocking by IP address in the GuardGiant settings page if you prefer.

Regarding the audit log, it is best practice to do so, and virtually all security policies require that login attempts are logged and the records kept for a certain time period. In the case of GuardGiant records are kept for 3 months after which they are deleted. You may find this blog post useful https://www.guardgiant.com/wordpress-login-activity-3-things-you-should-be-tracking/

Thank you again for your questions.

Kind regards,

GuardGiant Team

Thank you for letting us know about this issue, it’s resolved in version 2.2.4.

Kind regards,
Alice @ GuardGiant team

Thanks for your enquiry. It’s very common to get many attacks on your website, you can experiment with different limits to see which one you feel safest with.