Limit Login Attempts

Limit Login Attempts

What It Does

This module tracks failed login attempts and temporarily blocks IP addresses or usernames that exceed the configured limit. You can set how many failed attempts are allowed before blocking occurs, and how long the block should last.

When someone exceeds the limit, they are temporarily blocked from attempting to log in. After the configured time period, the block is automatically lifted, allowing legitimate users to try again. This protection helps prevent brute-force attacks where attackers try thousands of password combinations.

Why It Matters

Login attacks are one of the most common ways attackers try to gain access to WordPress websites.

By strengthening your login security, you significantly reduce the risk of unauthorized access to your website.

How to Use

Activate this module in the Users & Login section of SecuPress settings.

Once activated, you can configure how many failed login attempts are allowed before blocking occurs, and how long the block should last. The module automatically tracks and blocks suspicious login activity.

Once activated, the module works automatically and provides protection for your website.

If you encounter any issues after activation, you can temporarily deactivate the module. The module will automatically remove its protection rules when deactivated.