In the past I’ve used the Limit Login Attempts and IP Filter plugins to protect WordPress dashboards from brute force attacks. I’m now using WP Cerber. In addition to limiting the number of dashboard login attempts, Cerber has other great features.
- Creation of whitelisted and blacklisted IP addresses
- Makes it possible to hide WordPress login pages and create a custom login URL
- Enables the use of reCAPTCHA on WordPress forms
- Provides a citadel mode that protects sites during botnet brute force attacks
- Hides login names
I’m using this plugin on all the WordPress sites that I maintain. BTW, contact me if you’re looking for help with software and security updates for your WordPress site. I offer a WordPress update service.