Simple Login Limit & Protect Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
Simple Login Limit & Protect is a Plugin designed to protect your WordPress site from hackers, crackers and other attackers, with simple configuration and with minimum problems for legitimate users.
Using the same technology used in the most advanced Security Tools, our plugin works as soon as activated, detecting malicious behavior and automatically blocking attackers.
Key Features
- Behavioral Intelligent Learning, detect the behavior of users to distinguish the bad guys from good guys
- Really GDPR Compliant (why some others plugins don’t comply)
- Minimum Configuration, just install and don’t mind looking for the settings, works out of the box
Behavioral Intelligent Learning
We expect legitimate users to behavior in a certain way. In the other side, hackers usually start with simple commoditized scripts, we studied these scripts and implemented detection rules for them.
We studied attackers techniques such as User Enumeration, Brute Force Attack, the Most Common Passwords Used and developed sensors to these behaviours, identifying the remote user as an attacker.
In the other side, legitimate users normally use the same Provider, with a common Internet browser and in an certain way, we also detect this behaviour and identify them as a good user.
Automatically allow legitimate users to try again
If a legitimate user is blocked due to missing his password, the plugin will inform the user how much time he have to wait before he can try again, minimising support.
On the first missed password tries, the plugin will allow the user to try again in a few minutes with a message, this removes work from the Site Administrator.
If necessary, the user can use the WordPress “Lost your password” feature to generate a new one if he forgot to not be blocked again.
But if it’s a hacker that continues to try invalid passwords he will be blocked again for even increased times (limited to 24 hours).
Full list of Features
- Detect and block malicious users
- Detect and block Brute Force Attacks
- Detect User Enumeration Attacks
- Inform legitimate users if they are blocked
- Detect if a hacker is not using HTTPS
- Detect if a hacker is using scripts
- Detect the most commons attack tools to WordPress sites, such as Hydra, Curl, MetaSploit, Kalil
- Detect if the attacker is using a password dictionary to guess passwords
- Block the IP of the attacker
- Allow a legitimate user to try again after a few minutes
- If the attacker continues, block again for 30 minutes
- If the attacker continues, block for 24 hours
- Counts and inform the Administrator how much attacks has been blocked
- Detect and works automatically with Sucuri Web Firewall
- Detect and suggest configuration for Proxies and Load Balancers
- Detect and block attacks to XMLRPC API (not all plugins do this)
- Detect attacks to REST API for user enumeration (no other plugin do this)
Installation Instructions
On WordPress Admin Dashboard
- Visit
Plugins > Add New
- Search for
Simple Login Limit & Protect
. Find and install the plugin - In
Plugins > Installed Plugins
, click in Activate
Downloading From WordPress.org
- Download Simple Login Limit & Protect zip file.
- Visit
Plugins > Add New
in your WordPress Admin Dashboard - Click in
Upload Plugin
- Click in
Choose File
, find the downloaded file in your computer - Click in
Install Now
- In
Plugins > Installed Plugins
, click in Activate.
Manually via FTP, SFTP
- Download Simple Login Limit & Protect zip file.
- Unzip and upload the
simple-login-limit-protect
directory to your/wp-content/plugins/
directory - Enter in your WordPress Admin Dashboard
- In
Plugins > Installed Plugins
, click in Activate.
Demo Video
Screenshots
-
Simple Login Limit & Protect configuration screen
-
What a user sees when it’s blocked
-
The login screen released again