Every failed login is counted and if configurable threshold is hit, plugin will block access to wp-login.php in .htaccess, so that hijackers won’t be able to try anymore and at the same time – won’t use server resources.
If the same IP keeps trying after first block has expired, it is possible to block it from accessing website completely.
Blocking visitor in .htaccess is the most simple and most resource friendly way of stopping webpage abuse and wasting server resources.
Since v0.6 plugin should also log and stop XML-RPC abusers.
此插件可供下载,可用于您的 WordPress 自托管安装。