Attackers can exploit the fact that every vb page has a login form without any protection. As such they can keep on brute forcing sites. Hacking software allows attackers to keep changing IP addresses continuously allowing unlimited brute forcing.
A simple solution would be to add a custom login page on custom url and add google recaptcha to it and some other measures like hidden fields. This will make it much more difficult for automatized brute forcing.
This should be simple to make and pretty effective.
A simple solution would be to add a custom login page on custom url and add google recaptcha to it and some other measures like hidden fields. This will make it much more difficult for automatized brute forcing.
This should be simple to make and pretty effective.
Upvote
0
