1. Jonathan Dingman

    It would be a lot safer if you just IP restricted the /wp-admin/ folder, that’s what we’re doing for the corporate blog I just created. In fact, you even have to be on the internal VPN to access it now…just to be extra safe :)


  2. Viktor

    I was looking into downloading one of these plugins. Knowing the IP, do you block them through htaccess or another way, or something? Just curious.


  3. Patrick D.

    Just installed.


  4. Jonathan Dingman

    @Viktor -yeah, just use htaccess to do it. I personally use RewriteCond to do it, then one of the host variables.


  5. Banago

    Just installed it – let’s see if somebody is looking after my wp-admin directory.


  6. Viktor


    Funny thing happened. After I installed it and decided to finally change my sn from “admin” to something else this plugin locked me out for an hour for that. Go figure! =) Working fine now.


  7. Will Anderson

    I actually released a plugin a few months back called Naughty Monkey that you might find useful Jeff. The name is meant to be more humorous than descriptive, so here’s the gist of what it does. The premise is that you’ve changed the default administrator account to use something besides “admin” (the plugin checks that you’ve done this and doesn’t operate if the “admin” account still exists). If a user tries to log in with the “admin” user account, their IP is automatically added to a list of banned IPs. Here’s a link if you’re interested.



  8. Jim Raffel

    Been using it for almost a year and love it. It pains me that about 1/3 of my plugins are security related but we really have no choice. :)


  9. Ed

    I think this plugin should be built into the wordpress core. It’s an excellent plugin.


  10. weston deboer

    installed it the other day and already caught one of the same, i am just going to restrict it by ip address now.


Comments are closed.

%d bloggers like this: