Here is an explanation about brute force attack from Wikipedia

In computer science, brute-force search or exhaustive search, also known as generate and test, is a trivial but very general problem-solving technique that consists of systematically enumerating all possible candidates for the solution and checking whether each candidate satisfies the problem's statement.

Donncha O Caoimh's posting has 2 really good ideas.

1) Use a small script to log some *unusual* POST requests
By using the script Donncha was notified when somebody was trying to get into his wordpress blogs.

Credits: Donncha O Caoimh
[code language="php"]
if ( ( isset( $HTTP_RAW_POST_DATA ) || !empty( $_POST ) ) && $_SERVER[ 'REQUEST_URI' ] != '/wp-cron.php?doing_wp_cron' && $_SERVER[ 'SCRIPT_NAME' ] != '/wp-comments-post.php' && substr( $_SERVER[ 'REQUEST_URI' ], -10 ) != '/trackback' && substr( $_SERVER[ 'REQUEST_URI' ], -11 ) != '/trackback/' ) {
mail( "MYEMAIL@gmail.com", $_SERVER[ 'HTTP_HOST' ] . " POST request: " . $_SERVER[ 'REMOTE_ADDR' ], "URL: {$_SERVER[ 'REQUEST_URI' ]}nPOST: " . print_r( $_POST, 1 ) . "nCOOKIES: " . print_r( $_COOKIE, 1 ) . "nHTTP_RAW_POST_DATA: $HTTP_RAW_POST_DATA" );
}
[/code]

2) Use the limit login attempts WordPress plugin

Here is some info about the plugin
Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Referral Note: When you purchase through a referral link (if any) on this page, we may earn a commission.
If you're feeling thankful, you can buy me a coffee or a beer