In one click, your WordPress login page will be pretected with the smart brute force attack protection! Any login attempts more than 6 in 10 minutes (default value) will be limited.
Limit the number of login attempts through both the login and the auth cookies.
Two-factor Authentication login.
Text SMS message passcode for 2nd step verification support.
Google reCAPTCHA.
GeoLocation (Continent/Country/City) or IP range to limit login attempts.
Passwordless login link.
Support Whitelist and Blacklist.
GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).
WooCommerce Login supported.
XMLRPC gateway protection.
Call the function $link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'your plugin name or tag' ) : '';
to generate one passwordless login link for the current user.
Call the function $link = function_exists( 'dologin_gen_link' ) ? dologin_gen_link( 'note/tip for this generation', $user_id ) : '';
to generate a passwordless login link for the user which ID is $user_id
.
The generated one-time used link will be expired after 7 days.
SILENCE_INSTALL
to avoid redirecting to setting page after installtion.List all passwordless links: wp dologin list
Generate a passwordless link for one username (for the login name root
): wp dologin gen root
Delete a passwordless link w/ the ID in list (for the record w/ ID 5): wp dologin del 5
When visitors hit the login page, this plugin will lookup the Geolocation info from API, compare the Geolocation setting (if has) with the whitelist/blacklist to decide if allow login attempts.
The online IP lookup service is provided by https://www.doapi.us. The provider’s privacy policy is https://www.doapi.us/privacy.
Based on the original code from Limit Login Attemps plugin and Limit Login Attemps Reloaded plugin.