Plugin / Brute Force Login Protection




A Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in.
Brute Force Login Protection is a lightweight plugin that protects your website against brute force login attacks using .htaccess.

After a specified limit of login attempts within a specified time, the IP address of the hacker will be blocked.


  • Limit the number of allowed login attempts using normal login form
  • Limit the number of allowed login attempts using Auth Cookies
  • Manually block/unblock IP addresses
  • Manually whitelist trusted IP addresses
  • Delay execution after a failed login attempt (to slow down brute force attack)
  • Option to inform user about remaining attempts on login page
  • Option to email administrator when an IP has been blocked
  • Custom message to show to blocked users


If you’d like to make a contribution to the Brute Force Login Protection plugin, you can submit a pull request to our GitHub Repository.
You can also create a thread in our Support Forum.
Your feedback is highly appreciated!


If you’d like to make a donation to the Brute Force Login Protection plugin, you can do so via PayPal by clicking here.


18 reviews

Rating breakdown

Details Information



First Released

25 Jun, 2014

Total Downloads


Wordpress Version

2.7.0 or higher

Tested up to:


Require PHP Version:






The information provided in this THEME/PLUGIN DIRECTORY is made available for information purposes only, and intended to serve as a resource to enable visitors to select a relevant theme or plugin. wpSocket gives no warranty of any kind, express or implied with regard to the information, including without limitation any warranty that the particular theme or plugin that you select is qualified on your situation.

The information in the individual theme or plugin displayed in the Directory is provided by the owners and contributors themselves. wpSocket gives no warranty as to the accuracy of the information and will not be liable to you for any loss or damage suffered by you as a consequence of your reliance on the information.

Links to respective sites are offered to assist in accessing additional information. The links may be outdated or broken. Connect to outside sites at your own risk. The Theme/Plugin Directory does not endorse the content or accuracy of any listing or external website.

While information is made available, no guarantee is given that the details provided are correct, complete or up-to-date.

wpSocket is not related to the theme or plugin, and also not responsible and expressly disclaims all liability for, damages of any kind, arising out of the use, reference to, or reliance on, any information or business listed throughout our site.

Keep Leading Your Followers!
Share it for them.