Login LockDown records the IP address and time stamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.
Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Administrators can release locked out IP ranges manually from the panel.
Why you should Limit Login Attempts in your WordPress
From time to time hackers may try to break into your WordPress site by guessing your admin password. By default, WordPress allows users to enter passwords as many times as they want. Hackers may try to exploit this by using scripts that enter different combinations until your website cracks.
To prevent this, you can limit the number of failed login attempts per user.
For example, you can say after 5 failed attempts, lock the user out temporarily.
If someone has more than 5 failed attempts, then your site block their IP for a temporary period of time based on your settings. You can make it 5 minutes, 15 minutes, 24 hours, and even longer.
Below i listed Step by Step of Setup for Login Lockdown Plugin.
Step 1: First You Need Login Your WordPress Site
Step 2: Select the Plugins Option and Click the Add New button
Step 3: Search the Login LockDown key word in the search option, then you will see the below type of Plugin and you need to click and Install the plugin in your wordpress.
Step 4: Once install completed then activate the plugin because then only you will see this plugin in the setting option.
Step 5: Goto the setting and select the Login LockDown Plugin,
Step 6: Then you will get this below Setting Page.
In This Setting Page you can configure as per your request.
Max Login Retires : You need to enter Number of Login attempts can be made.
Retry Time Period Restriction (Min): how long a user will be unable to retry if they exceed the failed attempts.
Lock Out Length (Min): you can define how long a particular IP block will be locked out for once a LockDown has been triggered.
Finally Don’t Forget to Click Update Setting button to storage your changes.
Any one try to login your account with a guessing password they cross the number of attempts after they will got the below error message.
Thank You…
No comments:
Post a Comment