I've been looking through security plugins for WordPress for a long time. You'll find there's plugins that purport to do a lot, and others that are more focused. In any case, you'll find the all encompassing ones can be more of a headache if settings aren't set quite right for your particular environment and also quite the resource hit. From my experience, targeting a few specific security tasks with smaller plugins is a better approach. Login Security Solution is one such tool in my arsenal, and I recommend it.
My only complaints are that the user error messages are sometimes confusing to end users. I also wish the plugin allowed for a seven character length password (the same as a default WordPress installation). I've seen the plugin author's rationale for requiring passwords to be a minimum of 10 characters in the forums (simply put, the longer the password the more secure), but it would avoid the headaches that are induced when the default WordPress password hint ("at least 7 characters...") is presented to users, which can and have occurred with changes to the WordPress core or conflicts with other plugins.
All in all, I definitely recommend it, because the benefit outweighs the support related issues, it works, and I haven't found a better solution.
Good plugin, I translated it into Italian.
If any body interested I give you mo and po files.
Implemente el pluging de seguridad en servipo.com.uy y la verdad que hasta el momento eh quedado contenido con la funcionalidad del mismo ya que tiene una interfaz fácil de utilizar y parece ser muy eficiente en cuando a seguridad y vigilancia.
This plugin is great, but the "force password" function didn't work properly while i had site stats activated in jetpack. The redirect to the password-reset page didn't work properly (users just logged out but weren't redirected)
I know this isn't very descriptive, but I don't have many other details. My site was throwing internal server errors like crazy for about an hour today. Forms on the front end were unusable, and doing pretty much anything from the back end was impossible. Deactivating this plugin cleared it up.
Before today, it seemed to work alright. Although when logging in I would occasionally see "2 attempts left", or similar, even on my first attempt.
edit: looking now to figure out if this might have been something else.
A few weeks ago, it helped repel a brute force attack, and notified me of it by email.
You must log in to submit a review. You can also log in or register using the form near the top of this page.