WordPress is one of the most used CMS on the internet, and because of this, one of the most targeted systems by bots and hackers.
A brute-force attack consists of systematically checking all possible keys or passwords until the correct one is found. WP Login Delay is a small plugin that offers a simple help against this.
For each login attempt on the system, the plugin will add a delay of one second. Although the users will not feel any difference when logging into the system, this can help again a bot that is sending thousands of requests and waits for their results.
This plugin will not make your system highly secure, there are other security plugins that do the job better than WP Login Delay. But installing this plugin will add one more defense to your website, and this defense should not conflict with any other defense already installed.
- Upload the
wp-login-delayfolder to the
- Activate the plugin through the ‘Plugins’ menu in WordPress
- That’s it, WP Login Delay is installed and working
Is this really working?
Just think about it… If you want to pass through a huge door and you have to try thousands of different keys to find the correct one. You will test all of them until the correct one works, right? This means that for each attempt, you will have to wait for the result to know if it is the correct key or not. Each result being delayed, it will take a lot more time to find out which key is the correct one. It is the same principle that is used here, one second delay is ok for a human, but looks like eternity for a bot.
Where are the plugin settings?
WP Login Delay
Contributors & Developers
“WP Login Delay” is open source software. The following people have contributed to this plugin.Contributors
Translate “WP Login Delay” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
- Added support until WordPress 5.7.2
- Remove the word WordPress from the plugin name
- Added setting to use a random delay between 1 and 5 seconds
- Added support until WordPress 4.8.2
- Wrong SVN commands to push plugin update to WordPress repository
- Fixed the invalid header issue after installation
- Updated the readme file for WordPress 3.8
- Renamed a function of the plugin to avoid conflict with WooCommerce plugin
- Added a setting under “Settings > WP Login Delay” to set the delay time in seconds (the default value is one second)
- First version of the plugin