The bot login protection option can be used to protect against brute force attacks.
A brute force attack is one of the most common threats faced by site owners. Many attempts in succession are made trying various combinations of usernames and passwords on the off chance one of them might work. This is all done with bots and not usually real humans. If you use strong passwords, you’ll be safe, but these bots can increase the load on your website slowing it down.
Since you can’t necessarily make sure all your members are using strong, unique passwords, use this Memberium feature to increase protection on your site.
This option is available in Memberium v2.180 on wards. If you’re running on an older version, then please update Memberium to latest version.
Here’s how you can use the bot login protection in Memberium.
Go to Memberium > Settings > Login tab and you’ll find the option for Bot Login Protection.
Disabled: Turn off the protection (default).
Basic: This option is safe to be used even on sites where caching is enabled but it will be less effective.
Maximum: This option provides the most protection but should not be used if the site has caching enabled.
- Do NOT use admin, admin1, techsupport, siteadmin as your username. These are the most common usernames found on WordPress sites and are very easy to guess.
- Use a complex and hard to guess password. Do not use passwords like 12345678, password1234, abcdefg, and such which are very common. Use a password with uppercase, lowercase and special characters.