Plugin Directory

Block Default Login Attempts

Completely block default admin user login attempts in WordPress.

The greatest hack focus on a WordPress site seems to be trying to log in with the default username "admin". This plugin detects all login attempts with that username and exits with a 403 Forbidden header. This should eventually discourage login bots from continuing to pound your site.

All attempts are logged inside the /wp-content/plugin-data folder, just in case you need the info. Logs are kept for up to 30 days.

Requires: 3.0 or higher
Compatible up to: 3.9.9
Last Updated: 2014-5-21
Active Installs: 90+


5 out of 5 stars


Got something to say? Need help?


Not enough data

0 people say it works.
0 people say it's broken.