Loginizer

Loginizer is a WordPress plugin which helps you fight against bruteforce attack by blocking login for the IP after it reaches maximum retries allowed. You can blacklist or whitelist IPs for login using Loginizer. You can use various other features like Two Factor Auth, reCAPTCHA, PasswordLess Login, etc. to improve security of your website.

Loginizer is actively used by more than 1000000+ WordPress websites.

You can find our official documentation at https://loginizer.com/docs. We are also active in our community support forums on wordpress.org if you are one of our free users. Our Premium Support Ticket System is at https://loginizer.deskuss.com

Free Features :

• Brute force protection. IPs trying to brute force your website will be blocked for 15 minutes after 3 failed login attempts. After multiple lockouts the IP is blocked for 24 hours. This is the default configuration and can be changed from Loginizer -> Brute force page in WordPress admin panel.
• Failed login attempts logs.
• Blacklist IPs
• Whitelist IPs
• Custom error messages on failed login.
• Permission check for important files and folders.
• Allow only Trusted IP.
• Blocked Screen in place of the Login page.
• Email Notification on successful login.

Få support och professionella funktioner

Få professionell support från våra experter och Pro-funktioner för att ta din webbplats till nästa nivå med Loginizer-Security.

Pro-funktioner:

• MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.
• PasswordLess Login – At the time of Login, the username / email address will be asked and an email will be sent to the email address of that account with a temporary link to login.
• Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.
• Two Factor Auth via App – The user can configure the account with a 2FA App like Google Authenticator, Authy, etc.
• Login Challenge Question – The user can setup a Challenge Question and Answer as an additional security layer. After Login, the user will need to answer the question to complete the login.
• reCAPTCHA – Google’s reCAPTCHA v3/v2, Cloudflare Turnstile, hCAPTCHA can be configured for the Login screen, Comments Section, Registration Form, etc. to prevent automated brute force attacks. Supports WooCommerce as well.
• Byt namn på inloggningssida – Admin kan ändra URL för inloggning (permalänk) till något annat än wp-login.php för att förhindra automatiska brute force attacks.
• Rename WP-Admin URL – The Admin area in WordPress is accessed via wp-admin. With loginizer you can change it to anything e.g. site-admin
• CSRF Protection – This helps in preventing CSRF attacks as it updates the admin URL with a session string which makes it difficult and nearly impossible for the attacker to predict the URL.
• Rename Login with Secrecy – If set, then all Login URL’s will still point to wp-login.php and users will have to access the New Login Slug by typing it in the browser.
• Disable XML-RPC – An option to simply disable XML-RPC in WordPress. Most of the WordPress users don’t need XML-RPC and can disable it to prevent automated brute force attacks.
• Rename XML-RPC – The Admin can rename the XML-RPC to something different from xmlrpc.php to prevent automated brute force attacks.
• Username Auto Blacklist – Attackers generally use common usernames like admin, administrator, or variations of your domain name / business name. You can specify such username here and Loginizer will auto-blacklist the IP Address(s) of clients who try to use such username(s).
• New Registration Domain Blacklist – If you would like to ban new registrations from a particular domain, you can use this utility to do so.
• Ändra administratörsnamn – Admin kan byta namn på admin-användarnamnet till något svårare.
• Auto Blacklist IPs – IPs will be auto blacklisted, if certain usernames saved by the Admin are used to login by malicious bots / users.
• Inaktivera pingbacks – Enkelt sätt att inaktivera pingBacks.
• SSO – Single Sign-on, let any user access to your WordPress Dashboard without the need to share username or password.
• Limit Concurrent Logins: It prevents user to login from different devices concurrently, you can define how many devices you want to allow, and how you want to restrict the user when concurrent limit is reached.

Funktioner i Loginizer inkluderar:

• Blockerar IP efter maximal tillåtna försök
• Utökad blockering efter maximal tillåtna försök
• Email notification to admin after max lockouts
• Svartlista IP/IP-intervall
• Vitlista IP/IP-intervall
• Kontrollera loggar på misslyckade försök
• Skapa IP-intervall
• Ta bort IP-intervall
• Licensed under LGPLv2.1
• Safe & Secure