Secure your site from Brute force attacks using Sebsoft’s Anti Hammering Authentication Plugin #MoodlePlugins #MoodleSecurity

Security of your Moodle site from brute force attacks is a major concern for your Moodle Administrators since any loophole in the security may result in infected or even a total crash of your Moodle site.

By default in Moodle core there is an option under Site Policies to lockout any account based on the number of incorrect logins within a certain period of time but this may also be abused in denial of service attacks.

Sebsoft have released a new plugin to prevent hammering your Moodle login system. Hammering is the process of pretty much brute force attacking Moodle’s login system.

This plugin provides you the option to block the attack based on the IP address or username along with messaging options to administrators and adding blocked IP’s to site configuration.

Anti Hammering plugin settings

Before enabling this plugin, please make sure that you haven’t accidentally turned on the user mode in Antihammer and account lockout feature at same time as it may result in unintended side effects.

You can download the latest version of the Anti hammering plugin from the Moodle plugins database through –

What are the other security measures you have taken to secure your Moodle Site? Do let us know in the comments below.


Jaswinder Singh

Jaswinder Singh, passionate about using Moodle in improving the Indian Education System and reaching the students in far flung areas where still education seems to be a impossible prospect of life. He is the author of the popular Moodle Book "How to use Moodle 2.7". In October 2016, Jaswinder was elected as the Moodle User's Association Committee member - the first to make it from India.

Related Articles