Loginizer is a WordPress plugin that helps you fight bruteforce attacks by blocking the login for the IP after it has reached the maximum retries allowed. You can blacklist or whitelist IPs for login with Loginizer. You can use various other functions such as two-factor authentication, reCAPTCHA, PasswordLess Login, etc. to improve the security of your website.
Loginizer is actively used by 1,000,000+ WordPress websites.
You can find our official documentation at https://loginizer.com/docs. We’re also active on our community support forums on wordpress.org if you’re one of our free users. You can find our premium support ticket system at https://loginizer.deskuss.com.
Loginizer Security Pro Features: –
Get professional support from our experts and pro features to take your site’s security to the next level with Loginizer-Security.
Pro Features :
- MD5 Checksum – of Core WordPress Files. The admin can check and ignore files as well.
- PasswordLess Login – At the time of Login, the username / email address will be asked and an email will be sent to the email address of that account with a temporary link to login.
- Two Factor Auth via Email – On login, an email will be sent to the email address of that account with a temporary 6 digit code to complete the login.
- Two Factor Auth via App – The user can configure the account with a 2FA App like Google Authenticator, Authy, etc.
- Login Challenge Question – The user can setup a Challenge Question and Answer as an additional security layer. After Login, the user will need to answer the question to complete the login.
- reCAPTCHA – Google’s reCAPTCHA v3/v2 can be configured for the Login screen, Comments Section, Registration Form, etc. to prevent automated brute force attacks. Supports WooCommerce as well.
- Rename Login Page – The Admin can rename the login URL (slug) to something different from wp-login.php to prevent automated brute force attacks.
- Rename WP-Admin URL – The Admin area in WordPress is accessed via wp-admin. With loginizer you can change it to anything e.g. site-admin
- Rename Login with Secrecy – If set, then all Login URL’s will still point to wp-login.php and users will have to access the New Login Slug by typing it in the browser.
- Disable XML-RPC – An option to simply disable XML-RPC in WordPress. Most of the WordPress users don’t need XML-RPC and can disable it to prevent automated brute force attacks.
- Rename XML-RPC – The Admin can rename the XML-RPC to something different from xmlrpc.php to prevent automated brute force attacks.
- Username Auto Blacklist – Attackers generally use common usernames like admin, administrator, or variations of your domain name / business name. You can specify such username here and Loginizer will auto-blacklist the IP Address(s) of clients who try to use such username(s).
- New Registration Domain Blacklist – If you would like to ban new registrations from a particular domain, you can use this utility to do so.
- Change the Admin Username – The Admin can rename the admin username to something more difficult.
- Auto Blacklist IPs – IPs will be auto blacklisted, if certain usernames saved by the Admin are used to login by malicious bots / users.
- Disable Pingbacks – Simple way to disable PingBacks.
Features in Loginizer include:
- Blocks IP after maximum retries allowed
- Extended Lockout after maximum lockouts allowed
- Email notification to admin after max lockouts
- Blacklist IP/IP range
- Whitelist IP/IP range
- Check logs of failed attempts
- Create IP ranges
- Delete IP ranges
- Licensed under LGPLv2.1
- Safe & Secure