Plugin / Botnet Attack Blocker

Misha von Bennigsen

Description

After the recent global distributed botnet attack on WordPress installations that took down servers and broke into admin accounts, I thought I’d write a plugin to prevent it happening again.

Distributed botnet attacks can come from multiple IP addresses and locations at the same time, so conventional IP-based lockouts are not effective (e.g. those found in Wordfence and other WordPress security plugins).

For example, if 1,000 different computers (with unique IP addresses) are trying to brute-force your admin password and you lock out each IP address after 5 incorrect attempts, then you have still allowed 5,000 attempts. My plugin essentially ignores the different IP addresses and locks out all admin login attempts in a configurable way – so if you have it set to 5 failed attempts (default) then those 1,000 different computers will only have a total between them of 5 attempts.

You can select how many login failures cause the lockout, how much time to allow between failures, and how long to block logins for. You can also input a whitelisted IP address (or multiple addresses separated with commas or spaces) which can bypass the lockdown and always log in – so you can still always get into your site even in the middle of an attack. There is also support for partial IP address matching for those with dynamic IP addresses. You can also define a secret key to bypass the lock.

  • Any failed login is counted regardless of username or IP address (unless whitelisted)
  • Once locked down, nobody can log in except from whitelisted IP addresses or using the secret key
  • You can specify the number of login failures that triggers a lockdown
  • You can specify the time between failed attempts that should be counted
  • You can specify how long the lockdown should last
  • You can add a secret key that bypasses the lockdown
  • You can customise the lockout message
  • You can add whitelisted IP addresses that bypass the lockdown
  • Partial IP address matching for dynamically-allocated IP addresses
  • Multisite compatible
  • Available in English, French, German, Italian and Russian
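
The lockout logic described above, modelled as an added example in Python; it is not the plugin's own code. The class, parameter names, timing values, sample addresses and key are constructed, and two behaviours are assumptions: the failure streak resets when the gap between failures exceeds `gap`, and partial addresses match on IPv4 octet boundaries.

```python
import hmac
import ipaddress

class GlobalLoginLock:
    """Site-wide failure counter: every failed login counts, whatever its source IP."""

    def __init__(self, max_failures=5, gap=60, lock_for=600, allow=(), secret=None):
        self.max_failures, self.gap, self.lock_for = max_failures, gap, lock_for
        self.allow = [a.rstrip(".") for a in allow]   # full or partial IPv4 addresses
        self.secret = secret
        self.count, self.last_failure, self.locked_until = 0, None, 0.0

    def _allowed(self, ip):
        ipaddress.ip_address(ip)   # raises ValueError on malformed input
        # Octet-boundary match: "198.51.100" covers 198.51.100.x, not 198.51.1.x.
        return any(ip == a or ip.startswith(a + ".") for a in self.allow)

    def _has_key(self, key):
        # Constant-time comparison so the bypass key is not leaked through timing.
        return bool(self.secret and key) and hmac.compare_digest(
            key.encode(), self.secret.encode())

    def may_attempt(self, ip, now, key=None):
        """True if a login from `ip` should reach the password check at time `now`."""
        return now >= self.locked_until or self._allowed(ip) or self._has_key(key)

    def record_failure(self, ip, now):
        if self._allowed(ip):
            return                 # allow-listed sources never feed the counter
        if self.last_failure is not None and now - self.last_failure > self.gap:
            self.count = 0         # too long since the last failure: new streak
        self.count, self.last_failure = self.count + 1, now
        if self.count >= self.max_failures:
            self.locked_until, self.count = now + self.lock_for, 0

def simulate(bots=1000, tries_each=5, per_ip_limit=5):
    """Constructed traffic: count guesses that reach the password check."""
    lock = GlobalLoginLock(allow=["203.0.113.7", "198.51.100"], secret="constructed-key")
    per_ip, seen_per_ip, seen_global, now = {}, 0, 0, 0.0
    for _ in range(tries_each):
        for b in range(bots):
            ip, now = f"10.{b // 250}.{b % 250}.1", now + 0.01
            if per_ip.get(ip, 0) < per_ip_limit:   # conventional per-IP lockout
                per_ip[ip] = per_ip.get(ip, 0) + 1
                seen_per_ip += 1
            if lock.may_attempt(ip, now):          # site-wide lockout
                seen_global += 1
                lock.record_failure(ip, now)
    return seen_per_ip, seen_global, lock
```

Because the counter is shared, any source of failed logins also locks out legitimate users for the lockdown period, which is why the allow-list and the bypass key matter in this design.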
