By default, if you currently run a WordPress website then security should always be a concern. As with all instances of WordPress, users and administrators can login an unlimited number of times by default. The problem and the concern that this poses is that if someone is trying to compromise your WordPress site they will not be booted out after a limited number of times. As someone who has had their WordPress site hacked in the past I can personally tell you, this sucks and it takes a lot of time to get your website operational again.
Let’s have a look at a plugin that you can use to limit the number of login attempts that anyone can use to secure their WordPress website and I will talk about a few of the settings as well.
Step 1: Download the “Limit Login Attempts” plugin and activate it
Step 2: Now that you’ve downloaded the plugin, check the “Settings” section on the left hand side menu in your WordPress site.
Step 3: What you will notice is that there are a number of settings that you can set for your website. You will notice that you can track the total number of lockouts that have occured since the plugin has been activated, a number of lockout options including “number of attempts” , “hours until retries are reset” and other options like logging the IP addresses of attempts made and emailing the admin after a number of retries.
When it comes to security and your website don’t mess around, save yourself the pain of having to get your website operational after being hacked. If you use this tip you will thank yourself that you did, trust me!