Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms
Limit Attempts is a powerful WordPress security plugin that protects your site from brute-force attacks and bot logins. It limits the number of failed login attempts per user and blocks IP addresses for a configurable time period based on your settings.
You can manage deny and allow lists, receive email alerts, and hide login or contact forms from blocked users. This plugin offers seamless protection without the need for coding and is compatible with other BestWebSoft security tools.
Shield your site against automated attacks and unauthorized access today.
Free Features
- Automatically block IP addresses after exceeding allowed login attempts
- Add IPs that exceed block limit to deny list automatically
- Manually add IP addresses to:
- Deny list
- Allow list
- Compatible with Contact Form:
- Set email sending interval
- Set number of emails allowed per interval
- Hide login, register, and lost password forms for blocked or denylisted IPs
- Add denylisted IPs to
.htaccessfile with Htaccess to reduce database load - Treat incorrect captcha as a failed login with Captcha
- View detailed login attempt statistics:
- IP address
- Failed attempts
- Block count
- Status
- Customize error messages for:
- Failed login
- Blocked users
- Denylisted users
- Send email alerts for blocked and denylisted users to:
- User email
- Custom email
- Limit Attempts Captcha for default forms
- Limit Attempts export/import
- Compatible with latest WordPress version
- Incredibly simple settings for fast setup without modifying code
- Detailed step-by-step documentation and videos
- Multilingual and RTL ready
Pro Features
All Free features included, plus:
- Add IP ranges and masks to deny/allow list
- Block IPs by country using GeoIP database
- Deny or allow access by email address or domain
- Control total failed attempts before block
- Manage deny/allow lists with:
- Country
- IP range
- Reason
- Compatible with:
- Configure rules for non-existent usernames:
- Use standard block settings
- Immediate IP block
- Immediate deny list
- Log tab includes:
- IP address
- Username
- Password
- Hostname
- Event type
- Form source
- Timestamp
- Login statistics and brute-force attempts chart in settings and dashboard widget
- Multisite network settings support
- Use plugin’s captcha on default forms
- Priority support within 1 business day (Support Policy)
Got a feature request? We want to hear it: Suggest a Feature
Documentation & Videos
Help & Support
Need help? Visit our Help Center – https://support.bestwebsoft.com/
Translation
- Polish (pl_PL) – thanks to Damian Dąbrowski
- Russian (ru_RU)
- Ukrainian (uk)
- Italian (it_IT)
- Portuguese (pt_PT)
- Arabic (ar)
- German (de_DE)
- Spanish (es_ES)
- French (fr_FR)
Help us improve translations! Send PO/MO files via Support Form or use Poedit.