Limit log in attempts in WordPress
Limiting the number of login attempts a visitor has on your site will help prevent unwanted login attempts. The easiest way to do this is to install the Limit Login Attempts Reloaded plugin with the steps below.
Note: Some 1-step or automatic installs will present you with an option select to limit login attempts during set up. To check if you selected this during set up, just check your Settings for the Limit Login Attempts option. If it's available you can skip the install steps.
- Log in to WordPress.
- Go to Plugins > Add New.
- Search for "Limit Login Attempts Reloaded".
- Select Install.
- Select Activate.
- Go to Settings > Limit Login Attempts.
From the Settings page you can change how many attempts a user gets, set how long they're locked out for, set what kind of notifications you get when a lock occurs, and make the plugin GDPR compliant.
From the Logs page you can Safelist/Blocklist specific IPs and/or usernames.