1. It would be a lot safer if you just IP restricted the /wp-admin/ folder, that’s what we’re doing for the corporate blog I just created. In fact, you even have to be on the internal VPN to access it now…just to be extra safe :)

  2. Viktor

    I was looking into downloading one of these plugins. Knowing the IP, do you block them through htaccess or another way, or something? Just curious.

  3. Just installed it – let’s see if somebody is looking after my wp-admin directory.

  4. Viktor


    Funny thing happened. After I installed it and decided to finally change my sn from “admin” to something else this plugin locked me out for an hour for that. Go figure! =) Working fine now.

  5. I actually released a plugin a few months back called Naughty Monkey that you might find useful Jeff. The name is meant to be more humorous than descriptive, so here’s the gist of what it does. The premise is that you’ve changed the default administrator account to use something besides “admin” (the plugin checks that you’ve done this and doesn’t operate if the “admin” account still exists). If a user tries to log in with the “admin” user account, their IP is automatically added to a list of banned IPs. Here’s a link if you’re interested.


  6. Been using it for almost a year and love it. It pains me that about 1/3 of my plugins are security related but we really have no choice. :)

  7. I think this plugin should be built into the wordpress core. It’s an excellent plugin.

  8. installed it the other day and already caught one of the same, i am just going to restrict it by ip address now.

Comments are closed.