Dear Limit Login Attempts WordPress Plugin: Thank you kindly for saving my ass.

Posted by on Aug 6, 2013 in Blog, WordPress Security | No Comments

Soooo…..all of a sudden all of my client sites running on WordPress (on the same server) are timing out.

I called our managed VPS provider, WiredTree, to see what was up. I got lucky because the problem was intermittent, but it was occurring at the very moment I got thru to tech support. After noticing there was a spike in load on our server, my homie at WiredTree found that there were a large number of processes running on the login page of one of our WordPress installs.

Determination: Brute Force attack attempting to gain access to WordPress instance via login page. There was a break in the processes, and I immediately installed Limit Login Attempts. Order and harmony was restored. Download that bad boy here, folks:

Yeah, it’s time to lock down all of our WordPress installs once and for all.