Limit Login Attempts Reloaded Description:

Limit the number of login attempts into your WordPress site that possible both through the normal login as well as using the authorization cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be cracked using brute-force relatively easily.
Limit Login Attempts Reloaded blocks an Internet address from making further attempts after a specified limit on retries has been reached, making a brute-force attack difficult or impossible.


  • Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
  • Limit the number of attempts to log in using authorization cookies in the same way.
  • Informs the user about the remaining retries or lockout time on the login page.
  • Optional logging and optional email notification.
  • Handles the server behind the reverse proxy.
  • Whitelist/blacklist IPs and Usernames.
  • Compatible with Sucuri Website Firewall.
  • Protection for XMLRPC gateway.
  • Protection for Woocommerce login page.
  • Multi-site compatibility with extra MU settings.
  • GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).


  1. Go to the Plugins section in your site’s back-end.
  2. Remove the Limit Login Attempts plugin.
  3. Install the Limit Login Attempts Reloaded plugin.
  4. All your old settings will be kept in tact!
  5. Enjoy your new security plugin.

Many languages are currently supported in Limit Login Attempts Reloaded plugin but we welcome any additional ones. Help us bring Limit Login Attempts Reloaded to even more cultures.

Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

This plugin uses standard actions and filters only.

Limit Login Attempts Reloaded is based on the original code from Limit Login Attempts plugin by Johan Eenfeldt.

Limit Login Attempts Reloaded Screenshots

Some stats:

Version: 2.7.4
Active installations: 800,000+
WordPress Version: 3.0 or higher
Tested up to: 5.1.1