Protection Mode⇑
Description
Specifies the action to be taken when the specified Allowed Login Attempts limit is reached within 5 minutes.
Throttle gradually slows down the speed of the server response, Drop severs the connection without any reply, Deny returns a 403 response, and CAPTCHA or Drop redirects to a CAPTCHA if reCAPTCHA Protection is enabled and drops otherwise.
WP Login CAPTCHA Full Protection can also be selected. This setting will redirect to a CAPTCHA if ReCAPTCHA Protection is enabled regardless of Allowed Login Attempts limit and falls back to use Throttle otherwise.
Default values:
Server level: Throttle
VH level: Inherit Server level setting. If Server level is set to Disable, Throttle will be used.
Syntax
Select from drop down list
Tips
Trusted IPs or sub-networks are not affected.
This can be set at the Server level and overwritten at the Virtual Host level. If not overridden at the Virtual Host level, this setting can also be overridden in a user's docroot .htaccess file using Apache configuration directive WordPressProtect with value 0 (disabled), 1 (use server level setting), throttle, deny, or drop.