How to Setting up Limit Logon Attempts for WordPress Blog

Security should always be a major concern when using the WordPress as CSM. If someone gets a hold of your personal information or breaks in to one of your admin accounts, then you are at risk of identity theft and hijacking of your WordPress Powered blog. Anyone who breaks in to your account could steal your private content, post spam, steal your WordPress account or use it to gather email addresses to send spam to.

There are ways of protecting your Blog or Site which is using WordPress  from malicious threats and bots. You can secure your WordPress blog  from unauthorized access by installing some of the plugins that are available for download at the WordPress plugin directory.


There is the best plugin “Limit Login Attempts” which can blocks hackers from trying countless username and passwords after a small number of failed attempts.

It’s fairly easy to write a program that continually tries to log in to your blog by running through every possible combination of common passwords. Limit Login Attempts makes this task completely pointless by locking out users (or bots) that incorrectly try to log in multiple times.

Setting up Limit Login Attempts:

reg lockout fullsize

Download and upload Limit Login Attempts plugins in your Plugin Directory. Limit Login Attempts doesn’t require any additional setup or configuration beyond just installing and activating the plugin. However, if you want to tweak the default settings, head over to Settings | Limit Login Attempts.


Allowed Retries—The total number of incorrect login attempts before the user is locked out.

Minutes lockout—The number of minutes the user will be banned from trying to log in again after N number of failed login attempts.
Handle cookie login—Determines if the lockout should be based on the user’s IP address or cookies; it’s recommended to stick with cookies, as IP addresses might be shared between multiple users.
Notify on lockout—Can be configured to log the IP address of the offending attempts and/or send an e-mail to the admin of your blog, notifying that a user has been locked out.

Download | Detail

What do you do to secure your WordPress blog experience?  Tell us in comments.

Subscribe to WordPress Arena’s Feed.

Reference and Resources:

WordPress Top Plugins

Digging Into WordPress

WordPress 3.0 jQuery: Enhance your WordPress website

Plugins to Power Your WordPress Blog

Top 15 WordPress Plugins to Make Your Blog Secure

Six Steps Toward Securing WordPress

12 Clever Tips for Securing Your WordPress Site

Why you should limit login attempts

8 Free Plugins to Protect Your WordPress Blog from Being Hacked


5 out of 5 stars based on 320 rating(s).
  • Nur

    I am a WordPress, Website Developer and Designer, creator @ WP Arena, Provide Free WordPress consultation and can help to install WordPress in a secure way to small businesses and bloggers.