Introducing LoginPress 6.0: Smarter, Simpler & More Secure

Disclaimer: If you face any issues with our new update and need timely assistance, contact our dedicated support team or explore our WordPress.org support section. 

We’re thrilled to introduce LoginPress 6.0, a milestone release that redefines how you manage WordPress logins. With a brand-new React-based interface, more customization options, tighter security controls, and significant performance improvements, this update is designed to give you a smoother experience while keeping your website and users safer than ever.

This release focuses on improving performance, refining customization, and giving site owners more control over every aspect of the WordPress login experience.

Let’s dive into what’s new in LoginPress 6.0, covering both Free and Pro versions.

New React-Based Admin Interface (Free + Pro)

LoginPress 6.0 introduces a completely re-engineered admin panel built with ReactJS. This modern codebase offers a smoother, faster experience and lays the foundation for more scalable updates in the future.

• Faster performance across settings pages
• Enhanced responsiveness and intuitive layout
• Optimized workflows with real-time updates

Both Free and Pro users will notice smoother navigation and faster settings management.

New Features in 6.0 Free Version

Transparent Background Option

Give your login page a modern, stylish look with the new Background Transparency option. This allows you to add see-through backgrounds directly from the Customizer.

Special Character Support

Users can now create usernames that include special characters. This option can be enabled in LoginPress Settings to provide more flexibility.

Random Background Images

Keep your login page fresh with our new Random Background Images feature. When enabled, LoginPress will automatically rotate background images for variety. You can easily enable them from Customizer > Background.

Restrict Specific Domains Registration

Control who can register on your website by allowing or blocking specific email domains during registration. Whether you want to allow only company emails or block temporary domains, this new feature gives you complete control.

• Allowlist trusted domains
• Blocklist (disallow) suspicious or temporary domains
• Prevent spam or unwanted registrations

New Features in 6.0 Pro Version

Custom Fonts

LoginPress Pro 6.0 adds the ability to use Custom Fonts. Select from Google Fonts or upload your own font files to fully align your login page with your brand. You can also add your custom font file by navigating to LoginPress > Customizer > Google Fonts.

Crawler Access Control

With Force Login enabled, you can now allow search engine crawlers to access your site’s main content without requiring a login. This ensures SEO indexing while maintaining security.

With this feature, you can prevent bots and search engines from indexing your login page.

• Helps avoid exposure of your login URL in search engines
• Reduces bot traffic and improves security

Select Crawlers to Allow

This will be shown upon enabling the above option. You can choose which search engine bots are permitted to access your site:

• Googlebot
  
• Bingbot
  
• Slurp
  
• DuckDuckBot
  
• YandexBot
  
• Baiduspider
  

To allow a custom crawler, use the WordPress filter:

Loginpress_add_custom_crawlers

Limit Concurrent Logins

Added in the Limit Login Attempts Addon, this feature prevents users from logging into multiple devices simultaneously. Admins can also exclude specific user roles.

This feature is perfect for online courses, membership sites, or any platform where account sharing needs to be restricted. Admins can also exclude certain user roles from this restriction, giving you greater flexibility.

LLA EndPoint Restrictions

These endpoint toggles provide admins with stronger tools to lock down potential attack vectors. By disabling unused endpoints, you minimize the risk of brute-force or automated bot attacks while still allowing necessary functionality.

The following security toggles let you disable user, app login, and application password endpoints. This prevents unauthorized API access and brute-force attempts.

1. Disable User Endpoints

What it does:
Disables the User Query REST API Endpoints, which can expose public access to user data (such as usernames and emails) via /wp-json/wp/v2/users.

Why use it:
To prevent unauthorized parties or bots from enumerating user accounts through the REST API, we reduce the risk of brute-force or targeted attacks.

2. Disable App Login Endpoints

What it does:
Disables App Login REST API Endpoints, which allow remote apps or unauthorized clients to attempt authentication via the WordPress REST API.

Why use it:
To block unknown or third-party apps from using the REST API to log in users, thereby strengthening access control.

3. Disable Application Password

What it does:
Prevents the use of Application Passwords, which allow non-interactive systems (like XML-RPC or REST API) to authenticate without using your real password.

Why use it:
To stop automated or headless access (e.g., through bots or remote systems) even if someone has generated an app password. This improves security, especially if you don’t need remote or third-party app access.

Limit Login Attempts: Notification System

A brand-new Notifications Tab has been added to the Limit Login Attempts Addon. This includes customizable notification messages and editable email templates.

Limit Login Attempts: Status Table

The Limit Login Attempts logs now feature a Status column for easier debugging and visibility. Status values are now added to the LLA logs for better visibility and debugging.

LifterLMS Redirects

A dedicated LifterLMS tab has been added to the Login Redirects Settings. This makes it easier to configure post-login redirects specifically for learners.

This gives course creators full control over where learners land after logging in. You can now direct students to custom dashboards, course pages, or membership areas for a more personalized experience.

Microsoft Tenant ID Support

You can now select Microsoft tenant types allowed for login when using Microsoft social login integration.

LoginPress now supports Microsoft Tenant ID for enterprise-level logins. This allows seamless sign-ins for organizations with multiple tenants.

Auto Login Enhancements

Improved control for Auto Login. It now supports searching by email in addition to username, which was the only option previously.

Bug Fixes

• Free version: Fixed issues related to the login page not properly showing the Password Reset Error message.
• Pro version: Resolved issues with the Hide Login in Customizer, especially when Hide Login is enabled and the live preview is used in the Customizer.

Time to Update

We recommend upgrading to LoginPress 6.0 today to benefit from the new features, integrations, and security improvements.

Not sure where to start?

Check out our documentation for step-by-step guides

Need more help? Contact support.

As always, please back up your site before running any major update.