Automatic protection for WordPress against ‘Brute Force’ attacks

A “Brute Force” attack is a type of attack in which malicious parties attempt to gain access to a Web site by continuously trying to guess usernames and passwords. Because WordPress is the most popular CMS system in the world, WordPress websites are regularly targets of such attacks. Because WordPress itself has no built-in protection against such attacks, since November 2021, we have been automatically protecting the SuperFast WordPress websites we manage from this.

Protection blocks an IP address once that IP address has made 10 or more (right or wrong) log-in attempts during a 5-minute period.
An IP address is released again if no new log-in attempts are made for 10 or more minutes.

The limit of 10 can be increased per website by a .htaccess change:

WordPressProtect throttle, 20
# BEGIN WordPress

Need help from one of our hosting gurus?

Do you need an urgent answer to a question or help from our support? Our hosting specialists are more than happy to assist you!

Customer Support Team

Our customer service is open until 18:00 hour

Of neem een kijkje in onze 'stap-voor-stap' support handleidingen.

View support articles