How to prevent wp-login brute force attack from thousand of different IP?

This question already has an answer here:

  • Prevent Brute Force Attack

    5 answers

Solutions Collecting From Web of "How to prevent wp-login brute force attack from thousand of different IP?"

Sadly it’s not uncommon to receive many rogue login attempts. If you have a strong password policy this actually shouldn’t worry you too much.

If there is a limited amount of people with logins and they work from fixed addresses, you can block acces to that page by writing a rule in your .htaccess that blocks all visitors from wp-login.php except those with certain ip-addresses.

Also, security plugins like iThemes can track rogue plugin attempts for you, and issue bans as well as fix common security loopholes. But you can’t stop people from trying to get in, unless you decouple your site from the internet.