Protect Your WordPress Website Against Malicious Login Attempts
Email Received
WordFence sent us an email today listing IP addresses sending out malicious login attempts to WordPress sites.
WA Site Support Ticket SubmittedBecause WA provides spam protection at the server level I submitted a Site Support Ticket asking if we should add these IP addresses to our Disallowed Comment Keys Section in the Settings Discussion Section of our WordPress Sites.
WA Site Support ResponseSite Support said we could add them to each of our websites for protection.
4 Steps To Add Protection To Your WordPress Website Against Malicious Login Attempts- Log into your WordPress Dashboard.
- Go to Settings --> Discussion --> Disallowed Comment Keys.
- Enter the following IP Addresses in the Disallowed Comment Keys Box. One address per line.
- Save Your Changes
- That's it.
Recent Comments
28
Thanks very much for your help.
It's great that you sought advice from Site Support.
I'll take action with that and watch out for any others. I installed WordFence on my site about one week ago. They certainly are up to speed with sending feedback. I will take more notice of them from now on! All the more thanks to you :)
I
See more comments
This option you gave is okay but the "Disallowed Comment Keys Box" is to prevent comments from those IPs. It is different from you preventing log-in attempts.
Wealthy Affiliate is doing a great job protecting mass log-in injection on your WordPress sites. Extra steps you can take is to ensure you re-set your WordPress password regularly.
Also, protect your WA login details (the second way to log in to your WA-hosted websites}.
Regards
John
Thanks for your comments.