Get exclusive CAP network offers from top brands

View CAP Offers

Reply To: WP Brute Force Attacks Continue

[bsa_pro_ad_space id=2]
#834278
gokken
Member

@jopaa 253005 wrote:

Hi Dave,

Why don’t you use Wordfence Security plugin? Free version is pretty useful and has a feature that allows you to automatically ban any IP that fail to login “x” nr of times.

Already do mate.

The inherent problem with plugins like this and others, they don’t actually prevent these scum bags gaining access to the login page. In addition, blocking IP’s is a waste of time. 95% of these brute force hack attempts are coming from botnets, who have access to 10’s of thousands, if not 100’s of thousands of infected PC’s, servers etc etc. That’s a lot of IP’s to block, which does no good at all.

I think my best alternative is to use a service like CloudFlare, where my site sits behind whatever they use. CloudFlare stops them at the door, before these jerks get access to the site.

Wordfence and others are good for script kiddies and anyone using a single IP. However getting hammered by 1000’s of IP across changing C-Classes, these security plugins are a waste of resources.