So I have a theory I’d love someone to test for me. I get a lot of brute force attacks on some of my sites and it’s all scripted I’m sure.
If one were to put a check box on the login screen – or a captcha. Wouldn’t that be as effective for blocking scripted brute force attacks as some of the other methods like two-step authentication.
I realize two-step is far more secure than captcha – but I would think a captcha would at least block scripts from trying to login.
Why not just use the BruteProtect plugin? http://wordpress.org/plugins/bruteprotect
Thanks Michael! I actually use WordFence to block bad logins – I’d just like to block the scripts upfront if possible so they have less opportunity to cause havoc.
Try the captcha or check box. Are you having a lot of attacks that succeed?
No one has ever gained access to my sites – its just a pain because I’ve had to reset a couple servers from time to time because they overload the system.
Oh I see.