Wordpress brute force protection.

AA-00406

It has now became common to see more than 1 botnet trying to hack numerous wordpress sites at any given time.

The attackers appear to use a bot to 'brute force' guess the passwords for your admin user on the wordpress system.

To thwart this ongoing attack we have added global wordpress brute force protection.

When you access your wordpress login you will be presented a screen that looks like the following :

In this example in the username box you would enter

bc19ip

and in the password field

23

You will then gain access to the login box for wordpress.

If this causes problems with your site, or you do not want this super protection, you can add the following to the .htaccess file in your /public_html folder

<filesmatch "wp-login.php">
Satisfy Any
</filesmatch>

Those lines above will disable the protection for all your sites.