Blocking WordPress attacks from your phone

A login security plugin featuring real time blocking and Two Factor Authentication ( 2FA ).

wordpressDownload BruteBank
Your activity is below
0 | new threat notifications
0 | imminent threats
Site Name
Site Name
Site Name

Why choose BruteBank?

Simple To Use

BruteBank is easy, some might even call it fun. Use our mobile app to block intrusion attempts with one swipe. BruteBank push notifications alert you whenever your site is at risk.

Protect from anywhere

BruteBank is always on. No matter where you are or the time of day, the BruteBank app is protecting your site.

Instant Blocking

BruteBank is ready to protect one or all of your WordPress sites. Manage intrusion detection with our simple security plugin and companion mobile app.

What does BruteBank do?

In Plain English

Your WordPress site is under constant threat of intrusion and hacking attempts. BruteBank is a plugin that monitors your WordPress site login (and password-protected pages) and alerts you of any failed login attempts via our mobile app. You can review these attempted logins and ignore them or block them. Blocking an attempt prevents the offending IP address from accessing your login pages ever again.


Login Monitoring

The BruteBank Wordpress security plugin monitors invalid WordPress login attempts (as well as password protected pages). BruteBank then reports those attacks to the cloud for processing and fingerprinting.

Invalid LoginReported to for fingerprinting

Unknown username. Check again or try your email address.

Lost your password?

← Back to Website

1h ago
Multiple Service Attacks Detected
199 Attacks from China, Thailand and 15 others


App Alerts

Using the app you are able to review attacking IP addresses organized by country and user. Block specific addresses, an entire country or user targeted attacks - all with a swipe of your finger.


Firewall Blocks

The threats you block in the app are imported by the BruteBank Wordpress plugin - blocking attackers instantly. Any further attempts by the attacker will result in a 403 forbidden message.


Access Denied

You do not have permission to access this page.




XML-RPC is a WordPress API that allows developers to login and manage your website content. Unless you're sure your website is using this feature, you should disable it. With BruteBank you can disable the XML-RPC API to prevent attackers from brute forcing your login credentials with a flip of a switch.

Two Factor


Manage admin access to your WordPress website directly from our mobile app. Approve or deny any successfully admin logins with 2FA using the tap of a button.

Admin is requesting two-factor authentication.
Approve Reject
2 Factor

Honest Pricing

Find the pricing plan that suits you best


$4.95 monthly

 1 Server or WordPress site
 Server Firewall Protection
 WordPress Security Plugin
 Mobile App Integration
 Unlimited Updates


$39.95 monthly

 5 Servers or WordPress sites
 Server Firewall Protection
 WordPress Security Plugin
 Mobile App Integration
 Unlimited Updates

Try it free for 30 days

$99.95 monthly

 10 Servers or WordPress sites
 Server Firewall Protection
 WordPress Security Plugin
 Mobile App Integration
 Unlimited Updates

Space Station

$199.95 monthly

 20 Servers or WordPress sites
 Server Firewall Protection
 WordPress Security Plugin
 Mobile App Integration
 Unlimited Updates


Download BruteBank

Try BruteBank free for 30 days

WordPressDownload BruteBank

Stay Informed

Subscribe to our newsletter for updates and upcoming releases. We won't share your information. Period.