Limit login attempts in WordPress
Limiting the number of login attempts a visitor has on your site will help prevent bruteforce login attempts. The easiest way to do this is to install the Limit Login Attempts plugin with the steps below.
Note: Some 1-step or automatic installs will present you with an option select to limit login attempts during setup. To check if you selected this during setup just check your Settings for the Limit Login Attempts option. If it's available you can skip the install steps.
- You should always backup your site before making any changes.
- Log in to WordPress.
- Go to Plugins > Add New
- Search for Limit Login Attempts
- Click Install.
- Click Activate.
- Go to Settings > Limit Login Attempts.
From the Settings page you'll be able to view and clear lockouts, modify how many attempts a user gets, set how long they're locked out for, and set what kind of notifications you get when a lock occurs.