WordPress security can be improved with plugins. Also from brute-force login attempts. Lately, a lot of brute force attacks are targeted against WordPress websites.
Extra WordPress Security Protection Against Brute Force Login Attempts
You can add an extra security layer to your WordPress Login page by using a captcha plugin. A captcha prevents (protects against) brute-force login attempts. One of many is
Captcha plugin by BestWebSoft. Please use Vevida Captcha now (dev-version).
This plugin is easy to install and configure, and translated into many languages.
Install WordPress Captcha plugin
You can easily install the WordPress Captcha plugin in your WordPress back-end.
- Go to
Plugins → Add New
- Fill out “Captcha” in the Search box and click
- In my case, the plugin I want is the first one by BestWebSoft, so simply click
(click OK to install the plugin)
- When the plugin is downloaded and installed, click
- You can manage the plugin settings in your Admin menu
- Enter the settings you’d like. Note that I’ve unchecked the “Words” option, since this uses the WordPress language; with a Dutch version of WordPress you only get Dutch words like “zeven” and “acht”.
Save Changeswhen you’re done.
- When you log out of WordPress and try to log in again, you’ll notice a Captcha form field, with our title “Fill in the form”:
All done! :)
Want to know more about brute-force attacks in WordPress? See how to protect WordPress from brute-force XML-RPC attacks and how to add a delay to your WordPress login form (particularly why a delay is not recommended).