Limit Login Attempts Security – Login Security, 2FA, Firewall, Brute Force Prevention
by WPChef 4.9 (1,468 reviews)

Limit Login Attempts Security – Login Security, 2FA, Firewall, Brute Force Prevention

WordPress login security with brute force protection, Two-factor authentication (2FA/MFA), firewall, IP/country blocking, and login monitoring

Compatible with WP 7.0.2
v3.3.4 Current Version v3.3.4
Updated 1 week ago Last Update on 08 Jul, 2026
Refreshed 9 hours ago Last Refreshed on
View on WordPress.org
Rank
#33
No change
Active Installs
1M+
No change
KW Avg Position
4.8
+0.6 better
Downloads
91.8M
+11,327 today
Support Resolved
44%
No change
Rating
98%
Review 4.9 out of 5
4.9 (1,468 reviews)

Next Milestone 2M

Total Progress 91.9%
1M+ 2M+
3
Ranks to Climb
-
Growth Needed
8,000,000
Active Installs
Pro

Unlock Exact Install Count

See the precise estimated active installs for this plugin, calculated from real-time ranking data.

  • Exact install estimates within tiers
  • Track install growth over time
  • Milestone progress predictions
Upgrade to Pro
Need 81,082 more installs to reach 2M+

Rank Changes

13 23 33 43 53 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
13 23 33 43 53 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
13 23 33 43 53 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
13 23 33 43 53 19-04-2026 20-04-2026 21-04-2026 22-04-2026 23-04-2026 24-04-2026 25-04-2026 26-04-2026 27-04-2026 28-04-2026 29-04-2026 30-04-2026 01-05-2026 02-05-2026 03-05-2026 04-05-2026 05-05-2026 06-05-2026 07-05-2026 08-05-2026 09-05-2026 10-05-2026 11-05-2026 12-05-2026 13-05-2026 14-05-2026 15-05-2026 16-05-2026 17-05-2026 18-05-2026 19-05-2026 20-05-2026 21-05-2026 22-05-2026 23-05-2026 24-05-2026 25-05-2026 26-05-2026 27-05-2026 28-05-2026 29-05-2026 30-05-2026 31-05-2026 01-06-2026 02-06-2026 03-06-2026 04-06-2026 05-06-2026 06-06-2026 07-06-2026 08-06-2026 09-06-2026 10-06-2026 11-06-2026 12-06-2026 13-06-2026 14-06-2026 15-06-2026 16-06-2026 17-06-2026 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
Current #33
Change
Best #

Upgrade to Pro

Unlock 30-day and 90-day rank history charts with a Pro subscription.

Upgrade Now

Active Installs Growth

Active Installs 0,000,000+
Growth +0.0%
Peak 0,000,000

Downloads Growth

10K 15K 20K 25K 30K 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 100K 200K 300K 400K 500K 600K 700K 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 100K 200K 300K 400K 500K 600K 700K 18-06-2026 19-06-2026 20-06-2026 21-06-2026 22-06-2026 23-06-2026 24-06-2026 25-06-2026 26-06-2026 27-06-2026 28-06-2026 29-06-2026 30-06-2026 01-07-2026 02-07-2026 03-07-2026 04-07-2026 05-07-2026 06-07-2026 07-07-2026 08-07-2026 09-07-2026 10-07-2026 11-07-2026 12-07-2026 13-07-2026 14-07-2026 15-07-2026 16-07-2026 17-07-2026 18-07-2026
0 100K 200K 300K 400K 500K 600K 700K 19-04-2026 22-04-2026 25-04-2026 28-04-2026 01-05-2026 04-05-2026 07-05-2026 10-05-2026 13-05-2026 16-05-2026 19-05-2026 22-05-2026 25-05-2026 28-05-2026 31-05-2026 03-06-2026 06-06-2026 09-06-2026 12-06-2026 15-06-2026 18-06-2026 21-06-2026 24-06-2026 27-06-2026 30-06-2026 03-07-2026 06-07-2026 09-07-2026 12-07-2026 15-07-2026 18-07-2026
0 100K 200K 300K 400K 500K 600K 700K 800K 900K 1M 18-07-2025 30-07-2025 11-08-2025 23-08-2025 04-09-2025 16-09-2025 28-09-2025 10-10-2025 22-10-2025 03-11-2025 15-11-2025 27-11-2025 09-12-2025 21-12-2025 02-01-2026 14-01-2026 26-01-2026 07-02-2026 19-02-2026 03-03-2026 15-03-2026 27-03-2026 08-04-2026 20-04-2026 02-05-2026 14-05-2026 26-05-2026 07-06-2026 19-06-2026 01-07-2026 13-07-2026 18-07-2026
Downloads
Growth
Peak

Upgrade to Pro

Unlock 30-day, 90-day, and yearly download history charts with a Pro subscription.

Upgrade Now

Reviews & Ratings

4.9
1,468 reviews
Overall 98%
5
1,385 (94%)
4
29 (2%)
3
8 (1%)
2
10 (1%)
1
36 (2%)

Tracked Keywords

Showing 5 of 5
Keyword Position Change Type Updated
Brute Force 2 Tag 21 hours ago
2FA 3 Tag 21 hours ago
login security 4 Tag 21 hours ago
firewall 6 Tag 21 hours ago
security 9 Tag 21 hours ago

Unlock Keyword Analytics

Track keyword rankings, search positions, and discover new ranking opportunities with a Pro subscription.

  • Full keyword position tracking
  • Historical ranking data
  • Competitor keyword analysis
Upgrade to Pro

Support Threads Overview

Resolved
Unresolved
9
Total Threads
4
Resolved
5
Unresolved
44%
Resolution Rate

Track This Plugin

Get detailed analytics, keyword tracking, and position alerts delivered to your inbox.

Start Tracking Free

Plugin Details

Version
3.3.4
Last Updated
Jul 08, 2026
Requires WP
5.0+
Tested Up To
7.0.2
PHP Version
N/A
Author
WPChef

Support & Rating

Rating
★ ★ ★ ★ ★ 4.9
Reviews
1,468
Support Threads
9
Resolved
44%

Keywords

Upgrade to Pro

Unlock keyword rankings, search positions, and detailed analytics with a Pro subscription.

Upgrade Now

Frequently Asked Questions

Common questions about Limit Login Attempts Security – Login Security, 2FA, Firewall, Brute Force Prevention

If you are using contemporary hosting, it's likely your site uses a proxy domain service like CloudFlare, Sucuri, Nginx, etc. They replace your user's IP address with their own. If the server where your site runs is not configured properly (this happens a lot) all users will get the same IP address. This also applies to bots and hackers. Therefore, locking one user will lead to locking everybody else out. If the plugin is not using our Cloud App, this can be adjusted using the Trusted IP Origin setting. The cloud service intelligently recognizes the non-standard IP origins and handles them correctly, even if your hosting provider does not.
An easy way to check if the attack is legitimate is to copy the IP address from the lockout notification and check its location using a IP locator tool. If the location is not somewhere you recognize and you have received several failed login attempts, then you are likely being attacked. You might notice dozens or hundreds of IPs each day. Visit our website to learn how can you prevent brute force attacks on your website.
After you upgrade to our premium version, you will see a new dashboard in your WordPress admin that shows all attacks that will now relay through our cloud service. On the graph, you'll see requests and failed login attempts. Each request will represent the cloud app validating an IP, which also includes denied logins. In some cases, you may notice an increase in speed and efficiency with your website. Also, a reduction in lockout notifications via email.
Some users find it hard to believe that they could experience numerous unsuccessful login attempts, particularly when their site has just been established or has minimal human traffic. The plugin is not responsible for generating these failed login attempts. Newly created websites are frequently hosted on shared IP addresses, making it easy for hackers to discover them. Additionally, newly registered domain names are often crawled soon after creation, rendering a WordPress website susceptible to attacks. Such websites are attractive targets as security is not a primary concern for their owners. We've created an article that delves deeper into the issue of fake login attempts in WordPress.
The premium plan’s resource limits start from 100,000 requests per month, which should accept almost any heavy brute-force attack. We monitor all of our sites and will alert the user if it appears they are going over their limits. If limits are reached, we will suggest to the user upgrading to the next plan. If you are using the free version, the load caused by brute force attacks will be absorbed by your current hosting bandwidth, which could cause your hosting costs to increase.
The URLs being protected are your login page (wp-login.php, wp-admin), xmlrpc.php, WooCommerce login page, and any custom login page you have that uses regular WordPress login hooks.
Our main focus is protecting your site from brute force attacks. This allows our plugin to be very lean and effective. It doesn’t require a lot of your web hosting resources and keeps your site well-protected. More importantly, it does all of this automatically as our service learns on its own about each IP it encounters. In contrast, a firewall would require manual blocking of IPs.
Open the site from another IP. You can do this from your cell phone, or using Opera browser and enabling free VPN there. You can also try turning off your router for a few minutes and then see if you get a different IP address. These will work if your hosting server is configured correctly. If that doesn’t work, connect to the site using FTP or your hosting control panel file manager. Navigate to wp-content/plugins/ and rename the limit-login-attempts-reloaded folder. Log in to the site then rename that folder back and whitelist your IP. By upgrading to our premium app, you will have the unlocking functionality right from the cloud so you’ll never have to deal with this issue.
The settings are explained within the plugin in great detail. If you are unsure, use the default settings as they are the recommended ones.
By default, you will need to copy and paste the lists to each site manually. For the premium service, sites are grouped within the same private cloud account. Each site within that group can be configured if it shares its lockouts and access lists with other group members. The setting is located in the plugin's interface. The default options are recommended.

Sign In / Register

You need to sign in or register to use this feature.