{"id":485,"date":"2013-06-09T16:44:08","date_gmt":"2013-06-09T23:44:08","guid":{"rendered":"http:\/\/www.ultimatewb.com\/blog\/?p=485"},"modified":"2013-06-09T16:44:08","modified_gmt":"2013-06-09T23:44:08","slug":"how-to-avoid-brute-force-loginattacks-on-your-wordpress-blog-or-website","status":"publish","type":"post","link":"https:\/\/www.ultimatewb.com\/blog\/485\/how-to-avoid-brute-force-loginattacks-on-your-wordpress-blog-or-website\/","title":{"rendered":"How to avoid brute force login attacks on your WordPress blog or website"},"content":{"rendered":"<p>If your WordPress blog or website has been hacked numerous times and you have followed all of the <a title=\"WordPress website hacked?  How to fix it\u2026!\" href=\"https:\/\/www.ultimatewb.com\/blog\/429\/wordpress-website-hacked-how-to-fix-it\/\">tips on securing it<\/a>, there is one other thing you can do &#8211; limit which ips (i.e. computers\/internet connections) can login to your WordPress admin panel.\u00a0 Recently there has been\u00a0a rash number of brute force login attacks on WordPress blogs and websites.\u00a0 Even an unsuccessful login can prove to be detrimental to your website by causing a heavy server overload, thereby perhaps necessitating a server reboot, and leaving your website offline for a bit.\u00a0 And a successful login &#8211; that can really mess up your website.<\/p>\n<p>Here&#8217;s how to do it:<\/p>\n<p>Add these\u00a0lines to your existing WordPress directory .htaccess file, or create a .htaccess file if you don&#8217;t have one yet. (If you are using WordPress integrated with UltimateWB, you will\u00a0already have a created .htaccess file in your WordPress directory)\u00a0 This example limits ips to WordPress&#8217;s login page.\u00a0\u00a0 The file &#8220;wp-login.php&#8221; can be modified\u00a0to any file that may be at risk of being targeted for brute force attacks.<\/p>\n<p>WordPress .htaccess Location: \/wordpressdirectory\/.htaccess file:<br \/>\nexamples:<br \/>\n\/httpdocs\/\u00a0 (root directory installations of WordPress)<br \/>\n\/wordpress\/<br \/>\n\/blog\/<br \/>\n&#8230;etc.<\/p>\n<p>Lines to add:<br \/>\n&lt;FilesMatch wp-login.php&gt;<br \/>\nOrder Allow,Deny<br \/>\nAllow from 123.123.123.123\u00a0 (replace with YOUR IP)<br \/>\n#Allow from 123.123.123.121 additional lines can be added\u00a0for multiple IP access<br \/>\n#Deny from all<br \/>\n&lt;\/FilesMatch&gt;<\/p>\n<p>Easy!\u00a0 <a href=\"https:\/\/www.ultimatewb.com\/contactus\">Contact us<\/a> if you have any questions, or post a comment here.<\/p>\n<p>Related:<br \/>\n<a title=\"Permalink to Why do WordPress websites and blogs get hacked so much?\" href=\"https:\/\/www.ultimatewb.com\/blog\/463\/why-do-wordpress-websites-and-blogs-get-hacked-so-much\/\" rel=\"bookmark\">Why do WordPress websites and blogs get hacked so much?<\/a><br \/>\n<a title=\"Permalink to WordPress website hacked?  How to fix it\u2026!\" href=\"https:\/\/www.ultimatewb.com\/blog\/429\/wordpress-website-hacked-how-to-fix-it\/\" rel=\"bookmark\">WordPress website hacked?\u00a0 How to fix it\u2026!<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If your WordPress blog or website has been hacked numerous times and you have followed all of the tips on securing it, there is one other thing you can do &#8211; limit which ips (i.e. computers\/internet connections) can login to &hellip; <a href=\"https:\/\/www.ultimatewb.com\/blog\/485\/how-to-avoid-brute-force-loginattacks-on-your-wordpress-blog-or-website\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[336],"tags":[369,368,370,109,303],"class_list":["post-485","post","type-post","status-publish","format-standard","hentry","category-website-security-2","tag-secure-website","tag-secure-wordpress","tag-security-tips","tag-wordpress","tag-wordpress-hacked"],"_links":{"self":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/485"}],"collection":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/comments?post=485"}],"version-history":[{"count":1,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/485\/revisions"}],"predecessor-version":[{"id":486,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/posts\/485\/revisions\/486"}],"wp:attachment":[{"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/media?parent=485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/categories?post=485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ultimatewb.com\/blog\/wp-json\/wp\/v2\/tags?post=485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}