This alone is effective for robots that launch

nejavo

Tabs on XO Security settings screen Login comment XML-RPC REST API Confidentiality environment Note The settings we introduce are just examples. The judgment will vary depending on the stage of the company and the purpose of the homepage, so please use it as a reference only. login tab The Login tab allows you to configure settings to strengthen the security of your WordPress login page. The recommended settings for the login tab are as follows. Login tab on XO Security settings screen We will explain each item in detail. Note Once you've made your settings, click "Save Changes" at the bottom of the screen before switching tabs.


If you switch tabs without saving your changes, your edits will not be reflected. save list of phone numbers changes Attempt limit You can set a limit on the number of login attempts. The recommended setting is to allow up to 3 retries within an hour . For example, with this setting, if you fail to log in 4 times within an hour, your account will be locked (restricted). Screen when login is restricted  a large number of attacks in a short period of time. The lock will be released after one hour, so it will be easier to use. Otter If you strengthen security too much, it will be less convenient, so we recommend this level to start with. Once you get used to using WordPress, make the conditions stricter depending on the situation, such as limiting it to 3 times in 24 hours. memo Our company "X Server" has a " Login Attempt Count Setting " as a WordPress security feature , and it is enabled by default.



X server WordPress security settings (login attempt limit settings) This feature alone has a certain effect on brute force attacks, but if you want to make detailed settings such as the number of attempts per hour, please use "XO Security". In addition, there is no problem in using the "Login attempt count setting" of "X Server" and the "Attempt limit" of "XO Security" together. Response delay when blocking You can adjust the time (in seconds) it takes to display a notification when login is restricted. The recommended setting is "120" seconds. The longer it is, the more secure it is because no operations can be performed during that time.