CubeMage Login Guard

Login Guard by CubeMage provides a security solution to protect your WordPress login, registration, and comment forms against spam and brute-force attacks.

Instead of relying solely on password verification, this plugin integrates Cloudflare Turnstile to validate visitors before WordPress processes the authentication request. This approach helps reduce server load caused by automated bot attempts.

Key Features:

• Cloudflare Turnstile Integration: Uses a privacy-focused, GDPR-compliant alternative to CAPTCHA for bot verification.
• Pre-Authentication Check: Validates the Turnstile token before the database query occurs, saving server resources.
• Limit Login Attempts: Automatically blocks IP addresses after 5 consecutive failed login attempts within 15 minutes to prevent brute-force attacks.
• XML-RPC Protection: Disables XML-RPC functionality to close a common attack vector often used for DDoS attacks.
• Form Support: Adds protection to the Login form, Registration form, Lost Password form, and Comment section.
• Performance: Uses native WordPress Transients for tracking failed attempts, avoiding the creation of heavy custom database tables.

Configuration:

The plugin includes a setup interface to easily input your Cloudflare Site Key and Secret Key.