On my site I use Login Security Solution to help protect my site from hackers and other jerks. I don’t often have issues, but you never know when someone is going to try to force their way into your site.
Turns out that ‘when’ was last night for me.
I got two emails from my security plugin that my site was under brute force attack. Someone was trying to get in. Not only was I alerted but my plugin was slowing them down. Instead of an instant fail, it’d take some time. The plugin also is keeping watch so if they did guess the right login details, it’d still pretend they were wrong. Thank You!
Another plugin I use on often is Limit Login Attempts. It’s a similar plugin and it bans people who try too many times to login.
No matter what your security plan is, having good passwords and removing the admin user is the very minimum any site should have.