A better way to prevent brute-force attacks
GuardGiant is a modern security plugin that protects your WordPress site from attackers whilst preserving the best possible user experience.
* GuardGiant is free software licensed under GPL V2.
What Makes GuardGiant Better
When a genuine user makes a successful login to their account using their mobile phone, tablet, or computer GuardGiant starts treating their device as Trusted.
Looking after real users
Failed login attempts from trusted devices are directed towards 'Lost Password' forms rather than being subject to account lockouts or additional counter measures.
Users receive an alert when anyone logs into their account from an unrecognized device or browser.
Strong Security Measures
GuardGiant uses a range of counter-measures to stop repeated failed login attempts from unrecognized devices. The default behaviour is as follows:
Add Captcha Field
After 3 failed login attempts from the same device, a Captcha field is added to the login page. A Captcha is a strong counter-measure that is very hard for an automated process to solve.
Temporary Block
After 10 failed login attempts a temporary block of 2 minutes is applied to the device/IP address. No login attempts can be made during this time.
Extend Block Time
Each further failed login attempt makes the block time longer by 1 minute. This slows down attacks to the point where they quickly become unviable.
You can fully customize the behaviour of GuardGiant to suit your environment.
Your Site Needs Protection
Brute force attacks have plagued the internet for years and are now at unprecedented levels. According to the Data Breach Investigations Report 2020:
86%
of attacks are financially motivated
80%
of breaches use brute-force techniques
22%
of breaches are related to site misconfigurations
Other Security Improvements
GuardGiant implements security improvements recommended by the Open Web Application Security Project® (OWASP) to keep your site safe:
Obfuscates login errors to stop hackers detecting valid account names.
Provides visibility of hacking attempts through an audit log of failed login attempts.
And much more...
Site Owners Love GuardGiant
GuardGiant is really simple to install and the default settings are optimized for most sites. You can of course tailor the plugin to your specific needs.
Frequently Asked Questions
Find answers to common questions about the GuardGiant plugin for WordPress.
What level of expertise no I need to configure this plugin?
This plugin is exceptionally easy to use no matter what your level of technical experience. The default settings are highly optimized, designed to keep attackers at bay whilst not disturbing genuine users from logging on.
For advanced users, you can fully customize the behaviour of the plugin to ensure it works best for your application.
Do I really need to worry about hackers?
We think so. Your site is likely to be under attack every day, and without protection it's just a matter of time before an intruder gains access.
How much does GuardGiant cost?
GuardGiant is free to download and use.
Is this plugin compatible with Cloudflare or other CDNs?
Yes.
Load balancers and CDNs are known as reverse proxies. Due to the nature of these services, all visits to your website are logged with the IP address of the proxy rather than the visitor’s actual IP address. To remedy this, the visitor's IP address is provided in a 'header field' which GuardGiant will pick up and use.
How is GuardGiant licensed?
GuardGiant is written by WordPress experts with many years of experience. This plugin is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License for more details.
Still have a question? email support@guardgiant.com
Secure Your Website Now
The GuardGiant plugin for WordPress is free to download and use.