Skip to content

How to stop WordPress Brute-force login attack

Wordpress admin login easily be filtered by IP Address. This method is especially useful as a measure to tackle Brute-force login attack.

This is achieved by placing a .htaccess in the wp-admin directory with the following…

Allow from IP.IP.IP.IP
Allow from IP.IP.IP.0/24
Deny from all

You can also use the CIDR notation to Allow/Deny a range of IP addresses.

comments powered by Disqus