Brute Force Attack Protection
Jetpack blocks unwanted login attempts from malicious botnets and distributed attacks.
Is my site under attack?
Brute force attacks are the most common form of hacking — and hackers don’t discriminate. As the most commonly used Content Management System on the web, WordPress sites make an attractive target for hackers looking to exploit code vulnerabilities unique to WordPress.
Using large networks of computers known as botnets, hackers can try to gain access to your site by using thousands of different combinations of usernames and passwords until they find the right one.
Recently, attackers have found a way to “amplify” these attacks against the WordPress XML-RPC file – making it easier for attackers to try and break into your site.
WordPress brute force attacks can:
- Slow down your site (or cause it to stop responding) because of repeated server requests.
- Allow unauthorized access to your site for hackers to modify your code or insert spammy links.
- Put your site content and data at risk.
That’s where Jetpack comes in. Our state-of-the-art security tools automatically block these attacks, protecting your WordPress site from unauthorized access.
On average, Jetpack blocks 5,193 WordPress brute force attacks over a site’s lifetime. It allows you to protect yourself against both traditional brute force attacks and distributed brute force attacks that use many servers against your site.
- Automatic blocking of malicious IPs before they reach your site.
- View a count of total attacks to your site on your dashboard.
- Whitelist known IP addresses to prevent false positives.
- Turn the feature on or off with one click from your dashboard.
Part of Jetpack’s suite of security services for WordPress sites including WordPress brute force protection, uptime monitoring, data backups, security scanning, and more.
Frequently Asked Questions
Here are the answers to some common questions. And we’re always more than happy to answer any additional questions you may have.
How much does brute force protection cost?
Brute force protection is provided for free to all WordPress sites running Jetpack.