🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms
Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms

Limit Attempts by BestWebSoft – WordPress Anti-Bot and Security Plugin for Login and Forms

4.6/5 (37 ratings) 4K+ active installs Updated Jan 9, 2026
failed attemptslimit attemptslimit login attemptsloginsecurity
Download v1.3.2 Plugin Website
Message with allowed retries.

Message with allowed retries.

Limit Attempts is a powerful WordPress security plugin that protects your site from brute-force attacks and bot logins. It limits the number of failed login attempts per user and blocks IP addresses for a configurable time period based on your settings.

You can manage deny and allow lists, receive email alerts, and hide login or contact forms from blocked users. This plugin offers seamless protection without the need for coding and is compatible with other BestWebSoft security tools.

Shield your site against automated attacks and unauthorized access today.

View Demo

Free Features

  • Automatically block IP addresses after exceeding allowed login attempts
  • Add IPs that exceed block limit to deny list automatically
  • Manually add IP addresses to:
    • Deny list
    • Allow list
  • Compatible with Contact Form:
    • Set email sending interval
    • Set number of emails allowed per interval
  • Hide login, register, and lost password forms for blocked or denylisted IPs
  • Add denylisted IPs to .htaccess file with Htaccess to reduce database load
  • Treat incorrect captcha as a failed login with Captcha
  • View detailed login attempt statistics:
    • IP address
    • Failed attempts
    • Block count
    • Status
  • Customize error messages for:
    • Failed login
    • Blocked users
    • Denylisted users
  • Send email alerts for blocked and denylisted users to:
    • User email
    • Custom email
  • Limit Attempts Captcha for default forms
  • Limit Attempts export/import
  • Compatible with latest WordPress version
  • Incredibly simple settings for fast setup without modifying code
  • Detailed step-by-step documentation and videos
  • Multilingual and RTL ready

Pro Features

All Free features included, plus:

  • Add IP ranges and masks to deny/allow list
  • Block IPs by country using GeoIP database
  • Deny or allow access by email address or domain
  • Control total failed attempts before block
  • Manage deny/allow lists with:
    • Country
    • IP range
    • Reason
  • Compatible with:
  • Configure rules for non-existent usernames:
    • Use standard block settings
    • Immediate IP block
    • Immediate deny list
  • Log tab includes:
    • IP address
    • Username
    • Password
    • Hostname
    • Event type
    • Form source
    • Timestamp
  • Login statistics and brute-force attempts chart in settings and dashboard widget
  • Multisite network settings support
  • Use plugin’s captcha on default forms
  • Priority support within 1 business day (Support Policy)

Upgrade to Pro Now

Got a feature request? We want to hear it: Suggest a Feature

Documentation & Videos

Help & Support

Need help? Visit our Help Center – https://support.bestwebsoft.com/

Translation

  • Polish (pl_PL) – thanks to Damian Dąbrowski
  • Russian (ru_RU)
  • Ukrainian (uk)
  • Italian (it_IT)
  • Portuguese (pt_PT)
  • Arabic (ar)
  • German (de_DE)
  • Spanish (es_ES)
  • French (fr_FR)

Help us improve translations! Send PO/MO files via Support Form or use Poedit.

Recommended Plugins

  • Updater – Auto-update WordPress, plugins, and themes.
  • Captcha – Anti-spam captcha plugin for WordPress forms.
  • Htaccess – Allow/deny access by IP, hostname, etc.