WordPress.org

Plugin Directory

Test out the new Plugin Directory and let us know what you think.

Brute Force Login Protection

Protects your website against brute force login attacks using .htaccess

A Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. Brute Force Login Protection is a lightweight plugin that protects your website against brute force login attacks using .htaccess.

After a specified limit of login attempts within a specified time, the IP address of the hacker will be blocked.

Features

  • Limit the number of allowed login attempts using normal login form
  • Limit the number of allowed login attempts using Auth Cookies
  • Manually block/unblock IP addresses
  • Manually whitelist trusted IP addresses
  • Delay execution after a failed login attempt (to slow down brute force attack)
  • Option to inform user about remaining attempts on login page
  • Option to email administrator when an IP has been blocked
  • Custom message to show to blocked users

Contribute

If you'd like to make a contribution to the Brute Force Login Protection plugin, you can submit a pull request to our GitHub Repository. You can also create a thread in our Support Forum. Your feedback is highly appreciated!

Donate

If you'd like to make a donation to the Brute Force Login Protection plugin, you can do so via PayPal by clicking here.

Requires: 2.7.0 or higher
Compatible up to: 4.2.11
Last Updated: 2 years ago
Active Installs: 20,000+

Ratings

4.1 out of 5 stars

Support

0 of 1 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

100,1,1 100,1,1 100,1,1 100,1,1
100,1,1 100,1,1 100,1,1 100,1,1
100,1,1
100,1,1 100,1,1 100,1,1
100,1,1
100,1,1
100,1,1
100,1,1
100,1,1
100,1,1
100,1,1
100,1,1
67,3,2
100,1,1
100,1,1
100,1,1
100,2,2
0,1,0
100,2,2