Brute Force Attack Mitigation Using WordPress and MikroTik Firewall
DOI:
https://doi.org/10.32764/gct4q078Keywords:
Brute force attack, Firewall integration, MikroTik router, Website securityAbstract
This study discusses the development and implementation of a brute force attack mitigation system for websites by integrating WordPress-based detection with a MikroTik router firewall. Brute force attacks remain one of the most common threats to web authentication systems, particularly for educational institutions that rely on Content Management Systems such as WordPress. Conventional protection methods often depend solely on application-level mechanisms, which may increase server workload and reduce effectiveness during large-scale attacks.
This research employed a Research and Development approach, including system analysis, design, implementation, and testing. The proposed system monitors repeated failed login attempts on the WordPress login page. When a predefined threshold is exceeded, the attacker’s IP address is automatically transmitted to the MikroTik router through the RouterOS API and blocked using firewall address-list rules. Functional testing was conducted to ensure system reliability and accuracy.
The results indicate that the integrated system successfully detects and blocks brute force attacks in real time, preventing repeated unauthorized access attempts and reducing server processing load. The system provides a practical and cost-effective solution for improving website security, particularly for educational institutions with limited cybersecurity resources.




