Automattic Acquires BruteProtect to Block WordPress Brute Force Attacks

1 comment

Automattic, the parent company of, announced on Tuesday that it has acquired BruteProtect, a plugin and service designed to protect WordPress users from malicious logins. The terms of the deal have not been disclosed.

According to its website, BruteProtect has been installed on 106,692 sites and has defended against 140,168,937 brute force attempts.

With the acquisition, Automattic will retire BruteProtect as a standalone product, and instead make it available as part of Jetpack, a plugin that allows self-hosted users to install over two dozen popular plugins with one-click. For now, the BruteProtect premium service (which starts at $5 per month per site) will be free for every BruteProtect user and Jetpack-enabled site.

BruteProtect was founded in spring 2013, and received funding from an angel investor in January. BruteProtect initially reached out to Automattic founder Matt Mullenweg for funding, but obviously Automattic felt it would be more suited to an acquisition. The BruteProtect team will join the Jetpack team as part of the deal.

“The BruteProtect team is based in Portland, Maine and they’re long-time contributors to the WordPress community,” Mullenweg said in a statement. “We’re excited to see them join forces with the Jetpack team and up the level of security, protection and peace of mind we’ll be able to bring to the millions of sites already using Jetpack.”

WordPress security can be a serious threat to businesses if they do not keep on top of plugin updates. Even managed WordPress hosting users must take some proactive steps in ensuring their sites are up to date, but tools like BruteProtect help automate the process of updating plugins.

Investor interest has proved strong in WordPress as Pantheon raised $21.5 million in May, and in January, WordPress hosting provider WP Engine raised $15 million in funding.

Add Your Comments

  • (will not be published)

One Comment

  1. Currently BruteProtect is merged with JetPack and Automattic suggests to install the latter. To me JetPack is too overloaded with features and I'm not interested in anything from it, except the wp-login protection. Maybe you advise what I can use instead? Any similar plugin with just a protection functionality, which is as good as BruteProtect?