How to Limit Login Attempts with LoginPress

WordPress websites are vulnerable to brute force attacks where hackers use automated scripts and long lists of usernames and passwords to crack website login. 

By default, there are no restrictions on login attempts. So, hackers continuously try to crack your WordPress site. Such unsecured websites often fall victim to these attacks. 

LoginPress plugin's Limit Login Attempts Add-on is a simple fix to this problem. It limits the number of attempts users have to log into your website, so you can easily protect your website against brute force attacks.  

Note: We assume that you have already upgraded to LoginPress Pro. If not, you can check out our guide on How To Install And Activate LoginPress PRO Version?

This knowledgebase article will show you how to limit login attempts with LoginPress on a WordPress site using the LoginPress plugin's Limit Login Attempts Add-on.

Let's get started!

Limit Login Attempts Add-on in LoginPress

Step 1: Activate Limit Login Attempts Add-on

First, go to the left sidebar of the WordPress admin dashboard. Navigate to LoginPress and click Add-Ons

Add-Ons

Next, you need to find the Limit Login Attempts Add-On and Toggle On the button to activate it.

Enable Limit Login Attempts

Step 2. Go to Limit Login Attempts Add-on

First, go to LoginPress on the left sidebar of the WordPress admin dashboard menu and click on Settings

Settings

You can see the Limit Login Attempts tab next to the Settings tab.

Limit Login Attempts with LoginPress Tab

Note: Don’t forget to click the Save Settings button to store changes made with the Limit Login Attempts Add-on.

Step 3. Get Started with Limit Login Attempts Add-on

Under the Limit Login Attempts tab, you can find the four following tabs.

  • Settings
  • Attempt Details
  • Whitelist
  • Blacklist

Blacklist Tab

Tab 1: Settings

The main functionality of the LoginPress Limit Login Attempts Add-on resides inside the Settings tab. It lets you manage login attempts to your WordPress site in terms of allowed attempts and lockout time.

Note: Don’t forget to click the Save Settings button to store changes made with the Limit Login Attempts Add-on.

Once you click the Settings tab, you’ll find the following settings.

1. Attempts Allowed: 

The Attempts Allowed feature helps you set the numbers of login attempts a user is allowed before they are locked out. 

2. Minutes Lockout: 

In this field, you need to enter the number of minutes a user won’t be able to access the website login after they’ve exhausted this limit.

3. IP Address:

You can also lock an IP address if it tries to log in too many times. Enter the IP address in this field, and make that IP Address Whitelisted or Blacklisted based on the attempt details.

4. Disable XML RPC Request

You can toggle on the XML RPC button to get remote updates to WordPress from other applications.

5. Remove Record On Uninstall

When you toggle the Remove Record On Uninstall button, this feature will help you remove all LoginPress Limit Login Attempts records upon uninstall.

Limit Login Attempts Settings Tab

Once you are done with defining allowed login attempts and lockout time, you can see the history of all those who will be whitelisted listed in the future.

Tab 2: Attempt Details

The Attempts Details tab gives you a deep insight into your WordPress site's login attempts, including IP, Date & Time, Username, Password, and Gateway. 

Note: Based on their attempt details, you can either Whitelist or Blacklist that user.

Under the Attempt Details tab, you can find a beautiful layout with the attempts that failed to detail. Here you can find the details:

1. IP: 

The IP address of the user.

2. Date & Time: 

The date & time when he tries to log in to your site.

3. Username: 

Which username does he try to log in to your site?

4. Password: 

Which password does he try to log in to your site?

5. Gateway:

Which gateway does he use to log in on your site (WP Login, Woocommerce, Widget)?

6. Action:

 Here is the main feature of login attempts.

7. Unlock: 

You can unlock the IP address. After that user will be able to log in again without lockout restriction.

8. Whitelist: 

You can add the IP address to the whitelist. The user will no longer face the limitation restriction. 

9. Blacklist: 

After clicking on Blacklist Button, the IP address will be added to the blacklist. The user will no longer be able to see your WordPress site's login page and wp-admin. 

Blacklist Tab

Tab 3: Whitelist

Under the Whitelist tab, you can find the whitelisted IP address with a beautiful layout. Here you can manage all the Whitelisted users.

1. Clear: 

Remove the Whitelisted IP for a particular IP address. After Removing the IP from the whitelist, there will be no login restriction for that IP address.

Whitelist Tab

Tab 4: Blacklist

Under the Blacklist tab, you can find the blacklisted IP address with a beautiful layout. Here you can

1. Clear: 

Remove the Blacklisted IP for a particular IP. After Removing from the blacklist, that IP address will be able to see a login page and wp-admin.

Blacklist Tab

That's it! We've demonstrated how to add the Limit Login Attempts with LoginPress Add-on. Try LoginPress Limit Login Attempts Add-on now to shield your WordPress site against brute force attacks.

Let us know how much this article helped you! 

If you have any doubts or questions related to this matter, please don't hesitate to contact our support team.

Still stuck? How can we help?

Updated on January 2, 2024

Documentation
LoginPress Support
triangular shape yellowish icon

Frequently Asked Questions (FAQs)

These FAQs answer the most common questions about our WordPress custom login page plugin.

three shapes icon

Where can I get support for LoginPress?

If you need help with LoginPress, you can contact us here. We’ll be happy to answer any questions about the plugin.

Do you have an affiliate program?

Yes, we have an affiliate program that you can sign up for here. As an affiliate, you’ll earn a commission on every sale you refer to us.

Do you offer refunds?

Yes, we offer a 14-day money-back guarantee on all of our plans. If you’re unsatisfied with LoginPress, simply contact us within 14 days of your purchase, and we’ll process a refund.

Can I upgrade my license after my initial purchase?

Yes, you can upgrade your LoginPress license at any time. Simply log into your account and go to the My Downloads page. From here, you can upgrade your license and download the latest version of the plugin.

Will LoginPress slow down my website?

No, LoginPress will not slow down your website. The plugin is lightweight and only loads the necessary files when someone tries to access your login page.

three shapes icon

If you Still have Questions?

Get In Touch