The greatest hack focus on a WordPress site seems to be trying to log in with
the default username “admin”. This plugin detects all login attempts with that
username and exits with a 403 Forbidden header. This should eventually
discourage login bots from continuing to pound your site.
All attempts are logged inside the /wp-content/plugin-data folder, just in case
you need the info. Logs are kept for up to 30 days.
- Create a unique administrator account, if necessary.
- Assign all admin posts to this alternate administrator account.
- Delete the default admin account.
- Alternatively, use a plugin or database access to change the default username.
- When there’s no longer an “admin” user, just upload, install and activate.
There are no reviews for this plugin.
Contributors & Developers
“Block Default Login Attempts” is open source software. The following people have contributed to this plugin.Contributors
Translate “Block Default Login Attempts” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.