Bruteforce attacks (Wordpress)


I was wondering if there are any more people facing brute force attacks on their server.
My VPS is running DirectAdmin and is constant under a bruteforce attack.

I can stop many attacks using fail2ban.
Unfortunatly Wordpress (wp-login.php & xmlrpc.php) attacks will still go on.

Has anyone experience securing Wordpress brute force attacks trough the server?
At this moment i have secured my Wordpress installations troughout the Ninjafirewall plugin, which works great. But i want a strong protection on my server.

Kind regards,
Veela IT Solutions


  • RomanRoman Moderator

    Easy way to mitigate wp-login attacks is install extension like WP Cerber and activate site-wide CAPTCHA.
  • veelaveela Member
    Thank you for your reply.
    But do you know some addon for the server to protect all of my unmanged Wordpress installations?

Sign In or Register to comment.