Back
plugin-icon

Protection Against DDoS

By WPChef·
Brute Force
ddos
login
Protects your login, xmlrpc and RSS feeds pages against DDoS attacks. Denies access to your site from certain countries via CloudFlare.
Ratings
5
Last updated
April 29, 2020
Version
1.5.2
Active installations
4K

This plugin resolves performance issues caused by brute force attacks described in the WordPress Codex here: https://codex.wordpress.org/Brute_Force_Attacks

From WordPress Codex:

Due to the nature of these attacks, you may find your server’s memory goes through the roof, causing performance problems. This is because the number of http requests (that is the number of times someone visits your site) is so high that servers run out of memory.

A common attack point on WordPress is to hammer the wp-login.php file over and over until they get in or the server dies. You can do some things to protect yourself.

Protection Against DDoS plugin addresses these issues very well.

It also allows to deny access to common WordPress features that get frequently attacked, like xmlrpc or RSS feeds pages.

CloudFlare users can allow or deny access for visitors from specified countries.

All checks are done via the .htaccess file so that bogus requests can’t even reach your WordPress site and get bounced at the web server level. You can also specify exactly where they can be bounced to.

Compatibility

  • Doesn’t have any known conflicts with any other security plugins.
  • Fully compatible with WordPress multisites.

Advanced users can get more technical information on the FAQ page.

Related plugins

See all
Freeon Creator plan
Get started
By installing, you agree to WordPress.com’s Terms of Service and the Third-Party plugin Terms.
Active installations
4K
Tested up to
5.4.16
This plugin is available for download to be used on your WordPress self-hosted installation.
Download