IIS: How to Protect Your Joomla Site from Brute Force Attacks.
Brute-force attacks can slow down your Joomla website, make it inaccessible and even crack your password to install malware on your website.
We can stop it using the following solution (in web.config):
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
</system.webServer>
<!-- Existing Configuration Excluded -->
<location path="administrator/index.php" overrideMode="Allow">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
</configuration>
Important: This solution assumes that you have following IIS components installed:
- anonymousAuthentication
- windowsAuthentication