How to Setting up Limit Logon Attempts for WordPress Blog
Security should always be a major concern when using the WordPress as CSM. If someone gets a hold of your personal information or breaks in to one of your admin accounts, then you are at risk of identity theft and hijacking of your WordPress Powered blog. Anyone who breaks in to your account could steal your private content, post spam, steal your WordPress account or use it to gather email addresses to send spam to.
There are ways of protecting your Blog or Site which is using WordPress from malicious threats and bots. You can secure your WordPress blog from unauthorized access by installing some of the plugins that are available for download at the WordPress plugin directory.
There is the best plugin “Limit Login Attempts” which can blocks hackers from trying countless username and passwords after a small number of failed attempts.
It’s fairly easy to write a program that continually tries to log in to your blog by running through every possible combination of common passwords. Limit Login Attempts makes this task completely pointless by locking out users (or bots) that incorrectly try to log in multiple times.
Setting up Limit Login Attempts:
Download and upload Limit Login Attempts plugins in your Plugin Directory. Limit Login Attempts doesn’t require any additional setup or configuration beyond just installing and activating the plugin. However, if you want to tweak the default settings, head over to Settings | Limit Login Attempts.
Allowed Retries—The total number of incorrect login attempts before the user is locked out.
Minutes lockout—The number of minutes the user will be banned from trying to log in again after N number of failed login attempts.
Handle cookie login—Determines if the lockout should be based on the user’s IP address or cookies; it’s recommended to stick with cookies, as IP addresses might be shared between multiple users.
Notify on lockout—Can be configured to log the IP address of the offending attempts and/or send an e-mail to the admin of your blog, notifying that a user has been locked out.