WordPress security and firewall plugin
A WordPress login security plugin featuring real time brute force IP address blocking and Two Factor Authentication ( 2FA ).
Download BruteBankWhy choose BruteBank?
Simple WordPress Security
BruteBank is easy. Use our mobile app to block intrusion attempts with one swipe. BruteBank push notifications alert you whenever your site is at risk.
Auto Block Hackers
BruteBank is always on. Automatically block brute force attacks based on rules you set for your account.
Instant Blocking
BruteBank is ready to protect one or all of your WordPress sites. After blocking an attacking hacker, their IP address is instantly banned.
WordPress Brute Force Protection
Stop Brute Force Attacks
WordPress is one of the most popular Content Management Systems (CMS) out there. Unfortunately, it's also one of the most targeted by hackers. Brute force attacks are a common type of attack on WordPress sites. These attacks involve an attacker trying multiple combinations of usernames and passwords until they find the right one to gain access to a site. It can be difficult to stop brute force attacks altogether, but there are steps you can take to protect your WordPress site. One effective method is to use a tool like BruteBank, which can help protect your website from this type of attack. With BruteBank, you can rest assured that your WordPress site is safe and secure from any potential threats.
Real-Time
Login Monitoring
The BruteBank WordPress security plugin monitors invalid WordPress login attempts (as well as password protected pages). BruteBank then reports those attacks to the cloud for processing and fingerprinting.
Invalid LoginReported to BruteBank.io for fingerprinting
Unknown username. Check again or try your email address.
← Back to Website
Mobile
App Alerts
Using the app you are able to review attacking IP addresses organized by country and user. Block specific addresses, an entire country or user targeted attacks - all with a swipe of your finger.
Instant
Firewall Blocks
The threats you block in the app are imported by the BruteBank Wordpress plugin - blocking attackers instantly. Any further attempts by the attacker will result in a 403 forbidden message.
403
Access Denied
You do not have permission to access this page.
XML-RPC
Blocking
XML-RPC is a WordPress API that allows developers to login and manage your website content. Unless you're sure your website is using this feature, you should disable it. With BruteBank you can disable the XML-RPC API to prevent attackers from brute forcing your login credentials with a flip of a switch.
Two Factor
Authentication
Manage admin access to your WordPress website directly from our mobile app. Approve or deny any successfully admin logins with 2FA using the tap of a button.
FAQ's
Frequently Asked Questions
-
What is a brute force attack?
Brute forces are attacks by hackers whose attempts are trial by error. It is usually a process to guess your login data using automated programs. In fact the hacking process involves searching your password and username combinations. Hacks often exploit other websites' vulnerabilities to gain access. For instance, hackers could access your information using outdated applications, plugins, and themes. Even older versions of WordPress can make the web security compromised. In contrast, brute-force attacks have low login credentials. Hackers can get into websites using a computer code, a guessing password such as “123456”.
-
Can WordPress be brute forced?
Any website that has an administrative login is exposed to attack by brute force. This includes WordPress and all of it's plugins and components.
-
How common are brute force attacks on WordPress?
Brute force attacks on WordPress websites all over the world occur 24 hours a day 7 days a week. There is a constant threat hackers attacking your website.
-
Is WordPress safe from brute force login attempts?
Typically brute force attack attempts are made by attempting to login to a WordPress administrator account. However, they often target common usernames or users exposed by blog articles written on your website. Both are easily found and exploited with common passwords unless there's a plugin firewall in place to stop them.
Honest Pricing
Find the pricing plan that suits you best
Satellite
$4.95 monthly
$29.95 yearly
• 1 Server or WordPress site
• Server Firewall Protection
• WordPress Security Plugin
• Mobile App Integration
• Unlimited Updates
Rocketship
$39.95 monthly
$429.95 yearly
• 5 Servers or WordPress sites
• Server Firewall Protection
• WordPress Security Plugin
• Mobile App Integration
• Unlimited Updates
Try it free for 30 days
SelectStarship
$99.95 monthly
$1,079.95 yearly
• 10 Servers or WordPress sites
• Server Firewall Protection
• WordPress Security Plugin
• Mobile App Integration
• Unlimited Updates
Space Station
$199.95 monthly
$2,159.95 yearly
• 20 Servers or WordPress sites
• Server Firewall Protection
• WordPress Security Plugin
• Mobile App Integration
• Unlimited Updates