Home » WordPress Tutorials » Security » How to Limit Login Attempts in WordPress

How to Limit Login Attempts in WordPress

Protecting your WordPress website should be a top priority for you and your team. Protection not only can ensure a more confident site-building and maintenance process but also can contribute to more conversions, as your visitors and potential customers might well feel safe to make purchases via your pages.

One of the best ways to add a layer of security is to limit the number of login attempts. This is one of the most useful approaches to defend your site from brute hacking attacks – the type of attacks in which hackers try out different login passwords, so they eventually stumble on the one which works.

 

How to Limit Login Attempts in WordPress

One of the fastest ways of applying a number of login attempts is by using a dedicated WordPress plugin. There are numerous plugins that add different kinds of security to your website. However, for this demonstration, you will see how to install and use a plugin that limits the number of login attempts.

To do so, first, enter your WordPress admin panel and from there go to the Plugins->Add New:

 

Then search for suitable plugins and install the one that fits your requirements the best. For this demonstration, we will use Limit Login Attempts Reloaded. However, you can use anyone else you want:

 

Once you’ve installed and activated the plugin, go to the dedicated settings page. In our case, this menu permalink is placed in the WordPress sidebar and looks like this:

 

Along with other handy options, this particular plugin gives some comprehensive settings regarding preferences such as:

  • Notification email after X failed tries
  • Number of allowed retries
  • Setting up the minutes of lockout
  • Setting up the increased time of the lockout time after X failed tries.

Spend some time and get yourself familiar with all the settings the plugin offers and then spend some more time tweaking these, so you set up all your preferences.

To apply these, simply click on the Save Settings button. This will not only save them but also apply the changes you just made:

 

Now, when you have applied the settings, the WordPress login window displays a dedicated message, informing visitors that they have a certain number of login trials, and if they fail to log in, two things will happen:

  1. The admin will receive a notification email.
  2. WordPress will be blocked for that particular user for a certain amount of time, for example, 24 hours

 

Conclusion

Limiting the login attempts is only one way of securing your pages. Relying on a safe hosting service and adding additional levels of security is a fundamental step in making your website safe. This is why ZETTAHOST provides its partners with reliable and safe hosting services like WordPress hosting.

Browse our services and contact us to explore how we can become your partner in the digital world.

Also, check out our free and comprehensive WordPress guide that will show you everything about the platform and the site-building process.

Related:

Was this article useful?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

Newest Articles:

How to fix HTTP Error 410 Gone in WordPress

HTTP Error 410 is a response status code that your WordPress website displays in the event of a requested file that is no longer available on the requested server now and in the future. To be labeled as a 410 error, the response code also must not include a forwarding...

How to Fix HTTP Error 409 Conflict in WordPress

It is highly likely to stumble upon various error messages when creating your WordPress site. One such is HTTP Error 409 Conflict. Although not so popular such as Page not Found or 429 Too Many Requests, it can still pop up when at least expected. This is why it is...

How to Fix Error 408 Request Timeout in WordPress

Error 408 Request Timeout is a client-side error code – it indicates that the request the Internet browser has made to the web server takes too much time and the server terminates the connection. Indeed, this is the reason why WordPress displays 408 Request Timeout....

How to Fix Error 407 Proxy Authentication Required in WordPress

The 407 Proxy Authentication Required is a type of error that WordPress displays when the server is unable to complete a request. This is a specific error, which indicates that there is a lack of authentication when a proxy server is used between the communication of...

How to Fix Error 406 Not Acceptable in WordPress

Although Error 406 Not Acceptable is not as common as Error 404 page not found, there’s still a chance that you can stumble upon it when working on your site. Since this is a 4xx error message, it indicates that something’s wrong with the client side of the...

Ready to Create Your Website?