Limit Login Attempts Reloaded stops brute force attacks and optimizes your site performance by limiting the number of login attempts that are possible through the normal login as well as XMLRPC, Woocommerce and custom login pages. This is the only plugin you’ll need for your login security needs with over 2 million downloads worldwide.
This plugin will block an Internet address (IP) and/or username from making further attempts after a specified limit on retries has been reached, making a brute force attack difficult or impossible.
WordPress by default allows unlimited login attempts. This can lead to passwords being easily cracked via brute force.
Limit Login Attempts Reloaded
Limit Login Attempts Reloaded Premium Cloud App
Enables cloud protection for Limit Login Attempts Reloaded plugin and enhances your login security. It comes with all the great features you’ll need to stop hackers and bots from brute force attacks. The cloud app offers several features including advanced protection out of the box, and the ability for site admins and agencies to sync safelists/blocklists across multiple domains. Click here to activate the cloud app for the best WordPress security plugin now!
- Limit the number of retry attempts when logging in (per each IP).
- Configurable lockout timings.
- Informs the user about the remaining retries or lockout time on the login page.
- Email notification of blocked attempts.
- Logging of blocked attempts.
- Safelist/Blocklist of IPs and Usernames (Support IP ranges).
- Sucuri compatibility.
- Wordfence compatibility.
- XMLRPC gateway protection.
- Woocommerce login page protection.
- Multi-site compatibility with extra MU settings.
- GDPR compliant.
- Custom IP origins support (Cloudflare, Sucuri, etc.)
Features (Premium Cloud App):
- Performance Optimizer – Brute force attacks absorbed in the cloud (Up to 100k requests monthly).
- Throttling – Longer lockout intervals each time a hacker/bot tries to login unsuccessfully.
- Auto Backups of All Data
- Intelligent IP Blocking/Unblocking – Make sure the legitimate IP’s are allowed automatically.
- Synchronized Lockouts – Lockouts can be shared between multiple domains.
- Synchronized Safelist/Blocklist – Safelist/Blocklist can be shared between multiple domains.
- Premium Support – Get answers within 24 hours in our support forum.
- Enhanced lockout logs – A log of lockouts with extra features.
- CSV Download of IP Data
- Supports IPV6 Ranges For Safelist/Blocklist
- Unlock The Locked Admin – Easily unlock the locked admin through the cloud.
Upgrading from the old Limit Login Attempts plugin?
- Go to the Plugins section in your site’s backend.
- Remove the Limit Login Attempts plugin.
- Install the Limit Login Attempts Reloaded plugin.
All your settings will be kept intact!
Many languages are currently supported in the Limit Login Attempts Reloaded plugin but we welcome any additional ones.
Help us bring Limit Login Attempts Reloaded to even more countries.
Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish
Plugin uses standard actions and filters only.
Based on the original code from Limit Login Attempts plugin by Johan Eenfeldt.
Limit Login Attempts Reloaded™ is a trademark of Atlantic Silicon Inc. When writing about the plugin, please make sure to use Reloaded after Limit Login Attempts. Limit Login Attempts is the old plugin.
* Limit Login Attempts Reloaded (correct)
* Limit Login Attempts (incorrect)