BruteBank firewall plugin.

How it works

BruteBank is a firewall software that communicates alerts via an iPhone app. The ability to identify and block attacks covers things like FTP, POP, IMAP and more. However, for Wordpress the BruteBank plug-in monitors your login. You'll need an iphone, and an account with BruteBank to power the Wordpress plug-in.

Activate the plug-in

STEP 1

Download the BruteBank Wordpress plug-in here. Installing BruteBank works the same way as any other Wordpress plug-in.

Plug-in settings

Once you've installed and activated the BruteBank plug-in, navigating to it will present you with Server Key inputs.

Create a BruteBank Account

STEP 2

To generate your server keys, you will need to open an account with BruteBank.io Multiple plans and pricing tiers are available, but for the purposes of this tutorial we are using a "Satellite" or single site plan. This will provide us with coverage for one Wordpress site or admin login.

STEP 3

Establishing service with BruteBank includes creating a Team name during the registration process. Teams exist to allow you to invite other users (that you approve) to help monitor your account. For our installation we are going to remain a team of one, but in the future if we decide to approve other users, we will invite them to the name we selected for our Team. In this instance we are naming our team after our website name.

The software will prompt you to name your Server, which is a means of identifying the property you will be protecting with BruteBank. Because BruteBank is available for more robust security monitoring outside of WordPress, naming the server is generally used to identify what type of server is being monitored. However, for our purposes we will be naming it "WordPress-Site-Name" since we are protecting our WordPress site. Choosing a name is arbitrary, but if you add multiple servers to the service, naming helps keeps things tidy.

The final step to setting up your BruteBank account and configuring your plugin is to access your keys. BruteBank provides you with two keys, a public key and a private key. Both of these keys are required to connect your Wordpress plug-in. Your secret key is generated once, and only once. When you access the secret key within the BruteBank.io admin area, you cannot retrieve it again. If you fail to copy the secret key, you will need to regenerate another one.

STEP 4

Copy the Public Key from the BruteBank.io admin area, and paste it into the plugin field named "Public Key." Repeate the process with the Secret Key. Again, remember that the Secret Key can only be accessed once to copy. So if you fail to copy the key to your clipboard, you will need to regenerate a new Secret Key.

Once both of your keys are pasted successfully into the BruteBank plug-in fields, press the "Update" button. That's it. You're WordPress login is now being monitored by BruteBank.

Monitoring & Blocking Activity with BruteBank

Download the BruteBank iphone app here. Use the same login credentials that you created when signing up for your BruteBank account. WordPress attacks will be logged in the app and push notifications will alert you when new threats are detected. You can swipe left to block threats, or swipe right to dismiss them.

The BruteBank app provides you with timely updates to your WordPress security