Protection Against Brute Force Attacks: The RB Login Protector

Torben Simon Meier Updated on 20.10.2020
2 Min.
rb login protector
Last updated on 20.10.2020

Effective protection against WordPress Brute Force attacks and unauthorized Login attempts - dhe offers you our new feature, the RAIDBOXES Sign in Protector. We'll show you where to find the security feature in the RB Dashboard and how to set it up properly.

Brute Force Attacks are by far the most common type of attack on WordPress sites . Bots will automatically try to get into your WordPress -dashboard and usually use hundreds or thousands of stolen login data and passwords.

In the worst case, hackers can log in to your WordPress - in the best case, these login attempts create a very high load on your site . The RB Login Protector prevents these attacks. It basically uses one of several Pluginsknown mechanisms: Limit Login Attempts (LLA).

And this is how RB Login Protector works

The RB Login Protector is placed in front of your WP login area and 'blacklists' IP addresses that repeatedly try to log in with incorrect login data.

In your BOXsettings you can define exactly after how many login attempts this lock should take effect and how long the respective IPs are locked out.

Setting up the RB Login Protector correctly

You can find the RB Login Protector in your BOX settings in the Security submenu.

Protection Against Brute Force Attacks: The RB Login Protector

The overview of blocked IPs (drop-down arrow)

Using the buttons at the top you can view all blocked IP addresses and reset the attempt counter. This completely clears the blacklist and all IPs can start login attempts again. If you only want to unblock individual IP addresses, select them in the list and then reset the counter.

Settings

Here you can set exactly how many failed attempts are allowed before an IP is blocked and how long blocked IPs should be blocked.

Whitelist

In addition to the blocking rules, you can also define a whitelist. IP addresses that are on this list are never 'blacklisted'.

Notifications

You can also be informed about all lock-outs by e-mail.

Please note: Brute ForceAttacks are very common. It is therefore possible that you may receive a lot of e-mails via this notification function.

Brute Force Disable protection?

Issuing the RB Login Protector is a major security risk, because our server does not monitor the login ofsite your WordPress installation and Brute Force attacks are easier to handle. So be sure that you absolutely have to turn it off.

Direct login with the Single Sign-on

Should RB Login Protector ever block your own IP, you can use the Single Sign-on (SSO) keep logging into yoursWordPress . We developed this feature to allow both: a secure, complex password AND a simple login to your site WordPress backend.

A strong and secure password is essential for the security of your WordPress site essential. The criteria for a secure password (upper and lower case letters, numbers and special characters, minimum length of 7 characters, etc.) can make it difficult for attackers to make a valid entry during login. With thisSingle Sign-on , using complicated and especially secure passwords is no longer a problem. How you can use this, we explain in this Helpcenter article.

Related articles

Comments on this article

Write a comment

Your email address will not be published. Required fields are marked with * .