Title: Brute Attack issue Last modified: August 22, 2016 --- # Brute Attack issue * Resolved [lgpowell](https://wordpress.org/support/users/lgpowell/) * (@lgpowell) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/) * Hi, * Yesterday morning my site became under attack for hours resulting in my host shutting taking my site offline. They said that since midnight UTC the day before yesterday my account had hit the daily CPU time limit of 13,000 seconds in just 16 hours and 06 minutes. In correspondence with them they informed me that my site was attacked 9,734 times! * The thing is I use Security Login Solutions plugin so I knew about the attack and thought it wasn’t too big of a deal, but I am worried how somehow this bot attacked so many times resulting in my host taking our site down! I’ve looked back at the settings for this plugin to double check the limit login feature, but I must be stupid (please forgive me) but I do not see anywhere to enable this with in my settings… (btw I have a multi-wordpress site)– can anyone point me in the right direction of where to find this setting? Or give me some other kind of suggestion so this doesn’t happen again? * Thanks so much! * Lani * [https://wordpress.org/plugins/login-security-solution/](https://wordpress.org/plugins/login-security-solution/) Viewing 6 replies - 1 through 6 (of 6 total) * Thread Starter [lgpowell](https://wordpress.org/support/users/lgpowell/) * (@lgpowell) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477264) * Ok nevermind. Login Security Solution plugin is not for blocking out users. Anyone have any recommendations on a plugin to block out brute attacks since the “Limit Login Attempts” plugin they recommend is out of date? * Thread Starter [lgpowell](https://wordpress.org/support/users/lgpowell/) * (@lgpowell) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477266) * Does anyone know if Login Security Solution plugin is compatible with Login Lockdown? * [wpwalker](https://wordpress.org/support/users/wpwalker/) * (@wpwalker) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477270) * Yes Limit Login Attempts is out of date, and usually that will cause me to drop a plugin immediately. But this is a special case — i use it on 12 sites, and i’m not worried. Here is why: 1. It is still the recommended plugin by respected hosts such as wpengine. 2. It has been inspected and discussed by many knowledgeable people. One good discussion is here: [https://wordpress.org/support/topic/plugin-hacked-1](https://wordpress.org/support/topic/plugin-hacked-1) * Thread Starter [lgpowell](https://wordpress.org/support/users/lgpowell/) * (@lgpowell) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477274) * Thanks for your response and for the link [@wpwalker](https://wordpress.org/support/users/wpwalker/)– it’s appreciated 🙂 If you wound’t mind would you clarify what you mean by “usually that will cause me to drop a plugin immediately”? * [wpwalker](https://wordpress.org/support/users/wpwalker/) * (@wpwalker) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477277) * Sure — If a plugin hasn’t been updated in at least 6 months, i get nervous: At the least, the author may not be taking care of it any more, and it may fail in future as the code of WordPress and of other plugins and themes changes. At worst, it may not be keeping up with the latest security exploits, and be making a big hole in my precious websites. * I was kind of exaggerating on that “drop a plugin immediately” i guess 😀 That was shorthand for “start looking around for another similar plugin, which means doing research on web, trying on a local site, then trying on a less-important site, before i commit to it”!! * hope this helps. * Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/) * (@convissor) * [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477417) * The latest version of Login Security Solution has the ability to block attackers to prevent denial of service situations. It’s the “DoS Tier” setting. * Another option is to set the plugin’s “Match Time” to 0, which disables the slowdowns. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Brute Attack issue’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/login-security-solution.svg) * [Login Security Solution](https://wordpress.org/plugins/login-security-solution/) * [Frequently Asked Questions](https://wordpress.org/plugins/login-security-solution/#faq) * [Support Threads](https://wordpress.org/support/plugin/login-security-solution/) * [Active Topics](https://wordpress.org/support/plugin/login-security-solution/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/login-security-solution/unresolved/) * [Reviews](https://wordpress.org/support/plugin/login-security-solution/reviews/) * 6 replies * 3 participants * Last reply from: [Daniel Convissor](https://wordpress.org/support/users/convissor/) * Last activity: [11 years, 6 months ago](https://wordpress.org/support/topic/brute-attack-issue/#post-5477417) * Status: resolved