Secure Grav from Brute-Force Attacks

Just like WebHost Manager (WHM) has cPHulk, Grav includes built-in brute force protection with the Login plugin. Below we cover how to set maximum login and password reset attempts.

Note: The Login plugin is installed with Grav + Admin Plugin by default.

Edit Login Security Settings

  1. Log into Grav.
  2. Select Plugins on the left.
  3. Click the Login plugin name to view its settings and info.
  4. Select the Security tab.
  5. Change the following settings as desired:
    Max password resets countReset requests allowed at once (0 = unlimited)
    Max password resets intervalMinutes to track password resets
    Max logins countFailed login attempts allowed at once (0 = unlimited)
    Max logins intervalMinutes to track login attempts

    Grav Login Security settings

  6. Press Save at the upper-right.

Afterwards, schedule backups for worst case scenarios. Learn more about Grav in our Support Center.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

Was this article helpful? Join the conversation!