Brute Force Login Protection

Protects your website against brute force login attacks using .htaccess

Author:Fresh-Media (profile at wordpress.org)
WordPress version required:2.7.0
WordPress version tested:4.8.17
Plugin version:1.5.3
Added to WordPress repository:25-06-2014
Last updated:29-06-2017
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:82
Rated by:18
Plugin URI:http://wordpress.org/plugins/brute-force-logi...
Total downloads:87 774
Active installs:10 000+
plugin download
Click to start download

A Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in.
Brute Force Login Protection is a lightweight plugin that protects your website against brute force login attacks using .htaccess.

After a specified limit of login attempts within a specified time, the IP address of the hacker will be blocked.

Features

  • Limit the number of allowed login attempts using normal login form
  • Limit the number of allowed login attempts using Auth Cookies
  • Manually block/unblock IP addresses
  • Manually whitelist trusted IP addresses
  • Delay execution after a failed login attempt (to slow down brute force attack)
  • Option to inform user about remaining attempts on login page
  • Option to email administrator when an IP has been blocked
  • Custom message to show to blocked users

Contribute

If you’d like to make a contribution to the Brute Force Login Protection plugin, you can submit a pull request to our GitHub Repository.
You can also create a thread in our Support Forum.
Your feedback is highly appreciated!

Donate

If you’d like to make a donation to the Brute Force Login Protection plugin, you can do so via PayPal by clicking here.