BruteBank – WP Security & Firewall



Blocking website attacks from your phone, designed for WordPress users.

BruteBank is an interactive firewall plugin that allows WordPress owners and server administrators to receive real time threat notifications via a mobile app. This app then allows for immediate threat mitigation by blocking attacking IP addresses.

Login Monitoring

The BruteBank WordPress plugin monitors invalid login attempts to username and password logins as well as password protected pages. It then reports those attacks to the cloud for processing and fingerprinting.

App Alerts

Using the app you and your team are able to review attacking IP addresses organized by country and user. Blocking specific addresses or entire country and user targeted attacks with a swipe of your finger.

Instant Firewall Blocks

The threats you block in the app are imported by the BruteBank WordPress plugin blocking attackers instantly. Any further attempts by the attacker will result in a 403 forbidden message.

XML-RPC Blocking

XML-RPC is a WordPress API that allows developers to login and manage your website content. Unless youre sure your website is using this feature, you should disable it. With BruteBank you can disable the XML-RPC API to prevent attackers from brute forcing your login credentials with a flip of a switch.


Setting up the WordPress plugin is as easy as a few clicks.

Installing the WordPress Plugin

  1. Login to your WordPress WP-Admin area as an Administrator.
  2. Click on Plugins -> Add New in the left hand menu.
  3. Search for Brutebank in the keyword search.
  4. Click Install Now next to the BruteBank plugin.

Configuring the WordPress Plugin

  1. Navigate to the Plugins -> Installed Plugins section in the left hand menu.
  2. Click Activate next to the BruteBank plugin.
  3. Click Settings next to the BruteBank plugin.
  4. Copy and paste the public key and secret key you created in the Setting up a Server key pair section under Getting Started.
  5. Click the Update button.

Your WordPress plugin is now configured and reporting attacks to your mobile app!

Learn more and signup at



BruteBank for WordPress is $4.95 per month. Thats only $0.16 per day!

Yes, you can invite an unlimited number of users to your team.

Team rule sets are blocks identified by other servers on your team. You can configure the rule import URL to include or exclude team rules easily.

You can contact our support team via our website at:

Yes! Simply turn on the Disable XMLRPC feature within the BruteBank settings. You can also add the below code to your .htaccess file if youd like to remove it completely from public access, which is recommended.

   Require all denied  

Yes! Simple turn on the Enable 2FA ( Two Factor Authentication ) feature win the BruteBank settings.

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed

Most Viewed Posts