Secure Grav from Brute-Force Attacks Updated on November 19, 2021 by InMotion Hosting Contributor 0 Minutes, 39 Seconds to Read Just like WebHost Manager (WHM) has cPHulk, Grav includes built-in brute force protection with the Login plugin. Below we cover how to set maximum login and password reset attempts. Note: The Login plugin is installed with Grav + Admin Plugin by default. Edit Login Security Settings Log into Grav. Select Plugins on the left. Click the Login plugin name to view its settings and info. Select the Security tab. Change the following settings as desired: Max password resets count Reset requests allowed at once (0 = unlimited) Max password resets interval Minutes to track password resets Max logins count Failed login attempts allowed at once (0 = unlimited) Max logins interval Minutes to track login attempts Press Save at the upper-right. Afterwards, schedule backups for worst case scenarios. Learn more about Grav in our Support Center. Share this Article InMotion Hosting Contributor Content Writer InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals! More Articles by InMotion Hosting Related Articles Resetting the cPanel Password in WHM How to Change your root Password in WHM How to Stop and Disable Firewalld Content Security Policy (CSP) Headers – Complete Reference Guide Why You Need To Keep Your Website’s PHP Version Up-to-Date Learning About Mod_security and Disabling Mod_security Close Open Ports for PCI Compliance How to Pass PCI Compliance Scans DDoS Protection Using Corero How to Open a Port in Firewalld
