Password Spraying

Password Spraying Protection

What It Does

Password spraying is an attack method where attackers try a few common passwords against many different usernames, rather than trying many passwords against a single username. This module protects against password spraying attacks by detecting and blocking suspicious login patterns.

When this module is activated, it monitors login attempts and identifies patterns that suggest password spraying. If suspicious activity is detected, the module will block the attacker's IP address or username from attempting further logins.

Why It Matters

Login attacks are one of the most common ways attackers try to gain access to WordPress websites.

By strengthening your login security, you significantly reduce the risk of unauthorized access to your website.

How to Use

Activate this module in the Users & Login section of SecuPress settings.

Once activated, the module works automatically and provides protection for your website.

If you encounter any issues after activation, you can temporarily deactivate the module. The module will automatically remove its protection rules when deactivated.