Just like WebHost Manager (WHM) has cPHulk, Grav includes built-in brute force protection with the Login plugin. Below we cover how to set maximum login and password reset attempts.
Note: The Login plugin is installed with Grav + Admin Plugin by default.
Edit Login Security Settings
- Log into Grav.
- Select Plugins on the left.
- Click the Login plugin name to view its settings and info.
- Select the Security tab.
- Change the following settings as desired:
Max password resets count Reset requests allowed at once (0 = unlimited) Max password resets interval Minutes to track password resets Max logins count Failed login attempts allowed at once (0 = unlimited) Max logins interval Minutes to track login attempts
- Press Save at the upper-right.
Afterwards, schedule backups for worst case scenarios. Learn more about Grav in our Support Center.