Limit Login Attempts

€0

Limit the number of login attempts possible both through normal login as well as using auth cookies. By default WordPress allows unlimited login attempts either through the login page o

Version	1.7.2
Last updated	2023.04.08
Active installations	500000
WordPress Version	2.8
Tested up to	6.2.4
pa_languages	Albanian,,Bulgarian,,Catalan,,Chinese,(China),,Chinese,(Taiwan),,Croatian,,Czech,,Danish,,Dutch,,English,(Australia),,English,(Canada),,English,(New,Zeal),,English,(UK),,English,(US),,Finnish,,French,(Canada),,French,(France),,Galician,,German,,Hebrew,,Hungarian,,Italian,,Japanese,,Lithuanian,,Norwegian,(BokmÃ¥l),,Portuguese,(Brazil),,Romanian,,Russian,,Slovak,,Spanish,(Spain),,Spanish,(Venezuela),,Swedish,,Turkish,,Ukrainian
Rating	4.50
Total ratings	201
Tag	authenticationloginsecurity

This plugin is outdated and might not be supported anymore.

Go back

View on WordPress site

Description

Limit the number of login attempts possible both through normal login as well as using auth cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Features

Limit the number of retry attempts when logging in (for each IP). Fully customizable
Limit the number of attempts to log in using auth cookies in same way
Informs user about remaining retries or lockout time on login page
Optional logging, optional email notification
Handles server behind reverse proxy
It is possible to whitelist IPs using a filter. But you probably shouldn’t. 🙂

Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

Plugin uses standard actions and filters only.