{"id":302266,"date":"2026-05-09T17:58:30","date_gmt":"2026-05-09T17:58:30","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/dominoguard-limit-login-attempts-brute-force-protection-2fa-firewall\/"},"modified":"2026-05-09T18:03:09","modified_gmt":"2026-05-09T18:03:09","slug":"dominoguard-security","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/dominoguard-security\/","author":23147279,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.0.0","stable_tag":"1.0.0","tested":"6.9.4","requires":"5.8","requires_php":"7.2","requires_plugins":null,"header_name":"DominoGuard Security","header_author":"Digital Web Tutor","header_description":"A focused, minimalistic security plugin offering limit login attempts, brute force protection, 2FA, and a basic firewall.","assets_banners_color":"19374d","last_updated":"2026-05-09 18:03:09","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"https:\/\/digitalwebtutor.com","rating":0,"author_block_rating":0,"active_installs":0,"downloads":43,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"dominopress","date":"2026-05-09 18:03:09"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-256x256.png":{"filename":"icon-256x256.png","revision":3527364,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3527364,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0"],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[9211,1174,9374,600,1909],"plugin_category":[54],"plugin_contributors":[239477],"plugin_business_model":[],"class_list":["post-302266","plugin","type-plugin","status-publish","hentry","plugin_tags-2fa","plugin_tags-firewall","plugin_tags-limit-login-attempts","plugin_tags-security","plugin_tags-two-factor-authentication","plugin_category-security-and-spam-protection","plugin_contributors-digitalwebtutor","plugin_committers-digitalwebtutor","plugin_committers-dominopress"],"banners":{"banner":"https:\/\/ps.w.org\/dominoguard-security\/assets\/banner-772x250.png?rev=3527364","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/dominoguard-security\/assets\/icon-256x256.png?rev=3527364","icon_2x":"https:\/\/ps.w.org\/dominoguard-security\/assets\/icon-256x256.png?rev=3527364","generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p><strong>DominoGuard<\/strong> is a focused, minimalistic security solution for WordPress. Designed to be fast and lightweight, it provides the essential security features every website needs with a clean configuration.<\/p>\n\n<h4>Key Features<\/h4>\n\n<ul>\n<li><strong>Limit Login Attempts<\/strong>: Automatically block IPs for 15 minutes after 5 continuous failed login attempts, keeping brute-force attacks at bay.<\/li>\n<li><strong>Email Two-Factor Authentication (2FA)<\/strong>: Add an extra layer of security for Administrators. When enabled, logging in requires a 6-digit code sent to the admin's email address.<\/li>\n<li><strong>Brute Force Protection<\/strong>: Easily disable XML-RPC, a common vector for brute force and pingback attacks.<\/li>\n<li><strong>Block User Enumeration<\/strong>: Prevent attackers from discovering your administrator username by blocking <code>\/?author=N<\/code> query scans.<\/li>\n<li><strong>Basic Firewall<\/strong>: A lightweight WAF that silently blocks simple directory traversal attempts (<code>..\/<\/code>) and basic malicious query strings commonly found in automated SQL injections.<\/li>\n<\/ul>\n\n<h4>Why DominoGuard?<\/h4>\n\n<p>Many security plugins suffer from excessive features that can impact performance. DominoGuard focuses on delivering efficient performance by utilizing standard WordPress functions, keeping your site secure with minimal resource usage.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>dominoguard-security<\/code> directory to your <code>\/wp-content\/plugins\/<\/code> directory, or install it directly via the WordPress Plugins menu.<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress.<\/li>\n<li>Navigate to <strong>Settings &gt; DominoGuard<\/strong> in the admin dashboard.<\/li>\n<li>Toggle the security features you wish to enable and click \"Save Settings\".<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"how%20does%20the%20email%202fa%20work%3F\"><h3>How does the Email 2FA work?<\/h3><\/dt>\n<dd><p>When \"Enable Email 2FA\" is active, Administrators will be prompted to enter a 2FA code during login. If the password is correct, the plugin sends a secure 6-digit code to the administrator's email. This code must be entered into the \"2FA Code\" field on the login screen, alongside the username and password, to successfully log in.<\/p><\/dd>\n<dt id=\"will%20dominoguard%20slow%20down%20my%20website%3F\"><h3>Will DominoGuard slow down my website?<\/h3><\/dt>\n<dd><p>No. DominoGuard is built with a minimalist philosophy. It runs efficient code with minimal impact on your website performance.<\/p><\/dd>\n<dt id=\"do%20i%20need%20to%20configure%20the%20firewall%3F\"><h3>Do I need to configure the Firewall?<\/h3><\/dt>\n<dd><p>No configuration is needed. When enabled, it quietly blocks some explicit malicious patterns in URLs before WordPress even loads fully, keeping you safe.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial Release.<\/li>\n<\/ul>","raw_excerpt":"A minimalistic, lightweight security plugin offering limit login attempts, brute force protection, email 2FA, and a basic firewall.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/302266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=302266"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/digitalwebtutor"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=302266"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=302266"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=302266"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=302266"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=302266"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=302266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}