Limit Login Attempts Reloaded


Limit the number of login attempts that are possible through the normal login as well as XMLRPC, Woocommerce and custom login pages.

WordPress by default allows unlimited login attempts. This can lead to passwords being easily cracked via brute-force.

Limit Login Attempts Reloaded blocks an Internet address (IP) from making further attempts after a specified limit on retries has been reached, making a brute-force attack difficult or impossible.

Limit Login Attempts Reloaded Cloud App
Enables cloud protection app for Limit Login Attempts Reloaded plugin. It comes with all the great features you’ll need to stop hackers and bots from brute-force attacks. The cloud app offers several features including advanced protection out of the box, and the ability for site admins and agencies to sync allow/deny/pass lists across multiple domains. Click here to activate the cloud app for the best WordPress security plugin now!


  • Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
  • Informs the user about the remaining retries or lockout time on the login page.
  • Logging and optional email notification.
  • It is possible to allow/deny IPs and Usernames.
  • Sucuri Website Firewall compatibility.
  • XMLRPC gateway protection.
  • Woocommerce login page protection.
  • Multi-site compatibility with extra MU settings.
  • GDPR compliant.
  • Custom IP origins support (Cloudflare, Sucuri, etc.)

Features (Cloud app):

  • Outsource the site load – All calculations and database queries are done in the cloud
  • Throttling – Longer lockout intervals each time a hacker/bot tries to login unsuccessfully
  • Auto backups of all data
  • Autofix diverse origin IPs (e.g. Cloudflare) – Securely trust certain popular IP origins out of the box
  • Synced lockout & deny/pass lists check – Lockouts can be shared between sites of the same admin
  • Synchronized allow/deny/pass lists – Allow/Deny/Pass lists can be shared between sites of the same admin
  • Premium forum support – Get answers within 1-2 business days.
  • Enhanced lockout logs – A log of lockouts with extra features

Upgrading from the old Limit Login Attempts plugin?

  1. Go to the Plugins section in your site’s backend.
  2. Remove the Limit Login Attempts plugin.
  3. Install the Limit Login Attempts Reloaded plugin.

All your settings will be kept in tact!

Many languages are currently supported in the Limit Login Attempts Reloaded plugin but we welcome any additional ones.
Help us bring Limit Login Attempts Reloaded to even more countries.

Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

Plugin uses standard actions and filters only.