Everybody's recommending WordFence but full installation requires modifying htaccess. It's just a few clicks, I understand, but I'm worried this could slow the site down
Both solutions are fine, as are dozens of other solutions for bruteforce protection. Try them both and see if there is any actual slowdown of the site. Should go without saying that WordFence is a more “comprehensive” security solution offering lots of features while Limit Login Attempts primarily does one thing (well).
I prefer LimitLoginAttempts as it is “one taks-one plugin, one plugin-one task”, if I have to use plugin. My game is fail2ban rules.
Beside WordFence, there are other security plugins; worth mentioning are Defender, NinjaFirewall, Jeff Star’s BBQFirewall and Blackhole, among others.
I would advise disabling Limit Login Attempts Reloaded and relying on WordFence’s built-in Brute Force Protection feature.
Both solutions are fine, as are dozens of other solutions for bruteforce protection. Try them both and see if there is any actual slowdown of the site. Should go without saying that WordFence is a more “comprehensive” security solution offering lots of features while Limit Login Attempts primarily does one thing (well).
I prefer LimitLoginAttempts as it is “one taks-one plugin, one plugin-one task”, if I have to use plugin. My game is fail2ban rules.
Beside WordFence, there are other security plugins; worth mentioning are Defender, NinjaFirewall, Jeff Star’s BBQFirewall and Blackhole, among others.
I would advise disabling Limit Login Attempts Reloaded and relying on WordFence’s built-in Brute Force Protection feature.