🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
BruteFort
BruteFort

BruteFort

5/5 (3 ratings) — active installs Updated Nov 19, 2025
Brute Forcecustom login urlgeo blockingIP restrictionlogin protection
Download v0.0.7 Plugin Website
Dashboard Overview - Rate Limit Settings

Dashboard Overview - Rate Limit Settings

BruteFort is your WordPress site’s complete login security solution. Protect against brute force attacks, hide your login page with a custom URL, block countries using geo-blocking, and manage IP restrictions — all in one lightweight, performance-optimized plugin.

Whether you’re running a blog, a WooCommerce store, or a membership site, BruteFort keeps bots, hackers, and unauthorized users out while maintaining fast page speeds.

🔐 Key Features

🌐 Geo Blocking (Country-Based Restrictions)
– Block or allow login attempts by country
– Blacklist mode: Block specific countries from accessing wp-login.php
– Whitelist mode: Only allow login from selected countries
– IP geolocation detection (Cloudflare compatible)
– Perfect for region-specific sites or blocking high-risk countries

🔗 Custom Login URL (Hide wp-login.php)
– Hide default WordPress login page (wp-login.php)
– Create custom login slug (e.g., yoursite.com/secure-access)
– Automatically redirect wp-login.php to 404
– Prevent automated bot attacks targeting /wp-login.php
– Easy to remember custom URLs for authorized users

🛡️ Brute Force Protection & Rate Limiting
– Block brute force attacks with smart rate limiting
– Set maximum login attempts per IP address
– Configurable time windows and lockout durations
– Progressive lockout extensions for repeated attacks
– Custom error messages for locked users

📍 IP Whitelist & Blacklist Management
– Manage custom IP whitelists and blacklists
– Add individual IPs or CIDR ranges
– Instantly block suspicious IPs
– Whitelist your own IP to prevent lockouts
– Bulk IP management with easy interface

📊 Real-Time Monitoring & Logs
– View failed login attempts in real-time
– Track IP addresses, usernames, and timestamps
– Filter logs by status, date, or IP
– Manual unlock for accidentally locked users
– Export logs for security audits

⚡ Performance & Compatibility
– Lightweight and performance-optimized
– Works with Cloudflare, proxy servers, and CDNs
– Compatible with most security plugins
– Dark mode UI support
– No impact on page load speeds

🎯 Perfect For

  • WooCommerce stores protecting customer data and preventing unauthorized access
  • Membership sites restricting access by geographic location
  • Corporate websites blocking countries where business doesn’t operate
  • Blog owners hiding login page from automated bots and scanners
  • Agencies managing multiple client sites with different security requirements
  • High-traffic sites experiencing frequent brute force attacks
  • International sites wanting region-specific login restrictions

🚀 Why Choose BruteFort?

  • All-in-one solution: Custom login URL + Geo blocking + IP restrictions in one plugin
  • Easy to use: Simple, intuitive interface with no complex configuration
  • Performance-focused: Minimal resource usage, no site slowdown
  • SEO-friendly: Properly handles redirects and 404s
  • Privacy-conscious: No external API calls for basic features (optional geo API)
  • Regular updates: Actively maintained with new features added regularly