Limit Login Attempts

plugin banner

Limit Login Attempts for Login Protection.

Author:miniOrange (profile at
WordPress version required:2.0.2
WordPress version tested:6.0
Plugin version:4.0.71
Added to WordPress repository:27-06-2016
Last updated:22-04-2022
Rating, %:78
Rated by:15
Plugin URI:
Total downloads:80 700
Active installs:3 000+
plugin download
Click to start download

The miniOrange Limit Login Attempts plugin primarily provides a comprehensive security package to secure your site. We provide Limit Login, IP blocking, and Spam Protection as a deterrent against Brute Force attacks, Google reCAPTCHA, and Rename Login URL to secure your site against bots, and provide Spam Protection.
The Limit Login Attempts will protect from brute force by Limit login,Ip blocking, rename login url and protects from spam/bot protection by Google recaptcha.

Features :-


Limit Login Attempts to protect your site from attacks that try to gain access/login to a site with random usernames and passwords. A Brute Force Attack is the simplest kind of method to gain access to a website. You can limit the login attempts made by an IP and block it as well. Limit Login Attempts


We help you protect your website against brute force login attacks by blocking an IP address of the hacker after a specified limit of failed login attempts within a specified time.
When using Limit Login Attempts, you can block the user after certainly failed login attempts thus providing extra login security.


Spam protection protects your site using Google reCAPTCHA.

Rename Login URL

Every website has default login URLs, which all hackers, bots, and malicious attackers are aware of. Once they reach your login page, they only need to guess your password to gain access, which is why protecting your site’s login page by Rename login URL is critical for its security.


By default, WordPress allows users to try different passwords as many times as they want, this is also known as a brute force attack. However, you can change this and add an extra layer of login security to protect your site.
Brute Force Limit Login Protection with IP Blocking security help you monitor login attempts from your users and hackers. We keep track of users login attempts and we send alerts to administrators for unusual activities if someone exceeds allowed failed login attempts.


Spam protection of Limit Login Attempts helps you detect suspicious email addresses instantly and provides a means for effective spam protection.
* Realtime Global IP blocking – It protects your website from malicious IPs and lets the genuine traffic on your WordPress.
* Rate Limiting – It controls the number of incoming requests from a specific IP to your website
* Login Security – Limit Login Attempts and track user login attempts
* Anti Spam Protection: Spam protection protects your website from spammers by using google Recaptcha for comments
* User Registration Security – Disallow Disposable / Fake email addresses
* Brute Force Login / Attacks Protection (Login Security) – We keep track of users’ login attempts and we send alerts to administrators for unusual activities if someone exceeds allowed failed login attempts.
* IP Blocking – Manual and automatic blocking of IPs ( Blacklisting and whitelisting included ).
* Protection for WordPress files – We provide you the option to prevent access to users from browsing directory content and editing files from WP Dashboard (Themes and plugins).
* Google reCAPTCHA protection for login, and registration.

Advanced Features :-

  • Advanced Blocking – Block users based on: IP range, Country, Browser / User-Agent, Referer, and HostName (DNS)
  • Htaccess Website Security Protection- Secure your website from unintended users with access website security protection which blocks user requests on the server(apache) level. htaccess vs firewall
  • Comment SPAM Filter and Site SPAM Check/Spam Protection – We check if your website is generating SPAM to protect your website from getting blocked by search engines.
  • SPAM Protection and google reCAPTCHA for comments – Google reCAPTCHA protects your website from spam and abuse. google reCAPTCHA uses an advanced risk analysis engine and adaptive google reCAPTCHAs to keep automated software from engaging in abusive activities on your site.
  • Notification to admin and end users – Send Email Alerts for IP blocking and unusual activities with a user account
  • DOS (Denial of service) attacks protection – Protect your resources from DOS attacks by slowing down attackers by delaying response and increasing delay in each of his requests and eventually blocking them entirely.
  • Country Blocking – If you have a website that gets inundated with SPAM or hacking attempts from visitors or bots originating from certain countries we can help you block those attempts.