One plugin-free layer of protection you could implement is to route your traffic through a site like CloudFlare that has built in brute force protection. The free version is a great layer of protection with paid tiers if you need the added features. I have used this for several of my sites.
I am with you in that I try to use as few plugins as necessary.
*note: felt this would have been better as a comment but did not have the necessary reputation.*
Related Posts:
- How to properly secure my WordPress installation?
- How Restrict access to admin dashboard by specific static ip?
- How to delete Passwrd Protected posts cookies when a user logged out from the site
- Why can’t I access my Intranet LDAPS with NADI?
- Custom wordpress Theme and Plugin repository
- Specific way to allow WordPress users to view their current password? And edit it?
- Custom API plugin to execute 3rd party API to retrieve data
- 404 errors when updating options in admin dashboard
- Manual Backup – How to save to Firefox or Chrome (instead of IE which brings up popup I can’t get rid of)
- My WP site and password was hacked, what to do? [closed]
- How to delete Password Protected posts cookies when a user logged out from the site
- How to implement a customizable free OpenID authentication?
- Difference between add_filter and apply_filters
- Creating Unique Post URLs for A/B Testing… Is this even possible?
- How to delete the Hello Dolly plugin automatically?
- Show Similar Post Titles ( Similar to Stack Exchange )
- How do I unlock a post programmatically?
- How to enable edit button in the theme’s customize UI?
- How to check plugins for malicious code?
- Open external links in a new window
- How can I limit functionality in one version of a plugin?
- How to add usermeta to “Notice of Email Change” email message
- What’s the recommended process for organising collaborative posting?
- Any way to use a custom Parameter for youtube embed without using an iframe?
- WordPress plugin search does not work and updates are not shown, VPS install
- WordPress 3.1 and Disqus throws Warning: number_format() error in Posts List
- How to create a word press user with hashedpassword
- How can I rewrite a plugin generated URL?
- register_post_status invisible but searchable
- Questions about brute force attacks on the admin username, coming from amazon IP addresses
- Leveraging WordPress Comments on Custom Plugin Object page
- Debugging Technique Question re: functions.php
- Is there a way to alter the order in which the plugins appear in the page?
- Plugin Customization Lost During Plugin Upgates
- Is it possible to use WordPress as an online portfolio for text content? What kind of theme would I look for?
- Custom Field Template seriously messed up in WP 3.1.1
- Plugin upgrade issue
- My plugin wants to update another plugin
- I have no idea “How change font for elements in widget?”
- What’s the best way to implement AJAX in WordPress?
- How to block plugin activations with no known user or coming from unknown IP address range?
- Check for security updates
- Standard Fail2Ban vs. WP Fail2ban vs. WP Fail2Ban Redux
- Display encrypted content on my website
- Save custom attributes of product in woocommerce
- Malicious File Upload [closed]
- How do I make a child theme I made POST through a 3rd party plugin?
- Add category selection to custom post type (plugin)
- “No Add Button” for me to customize my WordPress with themes and pluggins
- Translation plugin to translate another plugins
- How to protect WordPress from security scanner [closed]
- Contact Form 7 – Form name blank [closed]
- Customizing Titles on the Fly with Code
- Text change in Advanced Customs Fields [closed]
- Loop in elementor custom widget not working
- Historical customisations won’t go away [closed]
- .php file for woocommerce edit category? [closed]
- Plugin: connect to external database without showing password
- How to reduce Apache connections caused by plugins?
- How to display an alert when deleting a plugin?
- unregister a sidebar widget
- How to disable Wp-PageNavi at the top of the page
- Display WordPress comments before the plugins?
- Mobilepress fails to translate short codes
- woocommerce remove coupon link does not work
- Getting infinite scrolling working on my custom template
- Help to Create a Simple Plugin to make a post
- Display posts by alphabetical order
- Adding discount functionality to the cart
- Changing the CSS with a plugin
- Precheck fields when I add a new post
- Login/password protected “client page”
- Custom wp_list_tables redirect on specfic page
- Paid Membership Pro displaying a user name in PHP
- Members-only page, but accessible via sharable link
- Optimized PHP & WordPress settings for speed/performance?
- Automatically check “Enable stock management at product level” to the existing products?
- Custom SportsPress list
- Creating Nested custom fields
- How to restrict “too soon” downloads with a general rule?
- wp_verify_nonce fails always
- Plugin does not create a custom table upon activation
- Disable default posts (Posts,Pages,Comments and Media) in wp-admin
- Plugin program: JQuery not working in this plugin
- admin panel save option with ajax
- Get page type to display content
- How to fix vanilla comments extra iframe space
- Problem with permissions in wp-content/plugins
- Woocommerce quick checkout form [closed]
- How to resolve these findings from security audit
- How to add image for custom taxonomy
- Social network plugins for WordPress [closed]
- Why haven’t I see plugins using get_file_data to handle retrieving plugin version?
- Wrapping code in an if block
- How to give different user access to different people?
- How can I properly sanitize the update_option in WordPress?
- Create Custom Coupon Type
- Using ACF to allow user to add and edit multiple saved forms
- WordPress User Registration/ Sign Up -> Able to take Paid Certification Courses & keep track of Completed Certificates
- Block Root REST API Route using custom &/or iThemes