Title: Login Restrict Author: skydev Published: ဇူလိုင် 27၊ 2019 Last modified: ဇူလိုင် 27၊ 2019 --- Search plugins ![](https://ps.w.org/login-restrict/assets/banner-772x250.jpg?rev=2129412) This plugin **hasn’t been tested with the latest 3 major releases of WordPress**. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress. ![](https://ps.w.org/login-restrict/assets/icon.svg?rev=2129401) # Login Restrict By [skydev](https://profiles.wordpress.org/skydev/) [Download](https://downloads.wordpress.org/plugin/login-restrict.zip) * [Details](https://mya.wordpress.org/plugins/login-restrict/#description) * [Reviews](https://mya.wordpress.org/plugins/login-restrict/#reviews) * [Installation](https://mya.wordpress.org/plugins/login-restrict/#installation) * [Development](https://mya.wordpress.org/plugins/login-restrict/#developers) [Support](https://wordpress.org/support/plugin/login-restrict/) ## Description By default WordPress allows unlimited login attempts through the login page but this will lock account after number of login attempts Features * Limit the number of login attempts * Informs user about remaining attempts or block time on login page * Optional logging, optional email notification * Handles server behind reverse proxy * It is possible to whitelist IPs using a filter. Plugin uses standard actions and filters only. ## Screenshots * [[ * screenshot-1.png * [[ * screenshot-2.png * [[ * screenshot-3.png ## Installation 1. Download and extract plugin files to a wp-content/plugin directory. 2. Activate the plugin through the WordPress admin interface. 3. Customize the settings on the options page, if desired. If your server is located behind a reverse proxy make sure to change this setting. ## FAQ Why not reset failed attempts on a successful login? This is very much by design. Otherwise you could brute force the “ admin” password by logging in as your own user every 4th attempt. What is this option about site connection and reverse proxy? A reverse proxy is a server in between the site and the Internet (perhaps handling caching or load-balancing). This makes getting the correct client IP to block slightly more complicated. The option default to NOT being behind a proxy — which should be by far the common case. How do I know if my site is behind a reverse proxy? You probably are not or you would know. We show a pretty good guess on the option page. Set the option using this unless you are sure you know better. Can I whitelist my IP so I don’t get block? First please consider if you really need this. Generally speaking it is not a good idea to have exceptions to your security policies. That said, there is now a filter which allows you to do it: “ login_lmt_whitelist_ip”. Example: function my_ip_whitelist($allow, $ip) { return ($ip == ‘my-ip’) ? true: $allow; } add_filter(‘login_lmt_whitelist_ip’, ‘my_ip_whitelist’, 10, 2); Note that we still do notification and logging as usual. This is meant to allow you to be aware of any suspicious activity from whitelisted IPs. I locked myself out testing this thing, what do I do? Either wait, or: If you know how to edit / add to PHP files you can use the IP whitelist functionality described above. You should then use the “ Restore Lockouts” button on the plugin settings page and remove the whitelist function again. If you have ftp / ssh access to the site rename the file “ wp-content/plugins/login- limit/login-limit.php” to deactivate the plugin. If you have access to the database (for example through phpMyAdmin) you can clear the login_lmt_blocks option in the wordpress options table. In a default setup this would work: “ UPDATE wp_options SET option_value = ” WHERE option_name = ‘login_lmt_blocks’” ## Reviews There are no reviews for this plugin. ## Contributors & Developers “Login Restrict” is open source software. The following people have contributed to this plugin. Contributors * [ Skynet Technologies USA LLC ](https://profiles.wordpress.org/skydev/) * [ wordpress.org ](https://profiles.wordpress.org/wordpressorg-1/) [Translate “Login Restrict” into your language.](https://translate.wordpress.org/projects/wp-plugins/login-restrict) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/login-restrict/), check out the [SVN repository](https://plugins.svn.wordpress.org/login-restrict/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/login-restrict/) by [RSS](https://plugins.trac.wordpress.org/log/login-restrict/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0 * Initial version ## Meta * Version **1.0** * Last updated **7 နှစ် ago** * Active installations **10+** * WordPress version ** 3.0.1 or higher ** * Tested up to **5.2.24** * PHP version ** 5.6 or higher ** * Language * [English (US)](https://wordpress.org/plugins/login-restrict/) * Tags * [authentication](https://mya.wordpress.org/plugins/tags/authentication/)[login](https://mya.wordpress.org/plugins/tags/login/) [security](https://mya.wordpress.org/plugins/tags/security/) * [Advanced View](https://mya.wordpress.org/plugins/login-restrict/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/login-restrict/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/login-restrict/reviews/) ## Contributors * [ Skynet Technologies USA LLC ](https://profiles.wordpress.org/skydev/) * [ wordpress.org ](https://profiles.wordpress.org/wordpressorg-1/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/login-restrict/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](https://skynetindia.info)