WordPress Plugin Is A Must Have

I'm afraid I can't recall where I fist saw this plugin mentioned, but I owe them some kind of props. It's one of those things that is very simple, yet very useful. The Limit Login Attempts plugin does just that, and therefore makes it much harder for baddies to brute force their way into your WordPress admin panel. This is for use with WordPress sites you are hosting, or have someone host for you; as far as I know, you can't use plugins on the free sites.
By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.
Author Site


  1. Looks like a nice plugin, but it doesn't appear to be updated any longer (almost a year).

    1. John, good catch - it does still work though, and I have the latest version of WP installed.

  2. Well, I put it on and tested it. It seems to work, but it seems to be miscounting the lockouts. I got an email with 2 lockouts and 8 tries when it was 1 and 4.

    However, none of the other plugins really seemed to do what they implied they do.

  3. @John - Ah, see, but you are wearing your computer guy hat - it DOES block multiple log on attempts, even though it can't count....