Simple Login Limit & Protect

Screenshots

Simple Login Limit & Protect is a Plugin designed to protect your WordPress site from hackers, crackers and other attackers, with simple configuration and with minimum problems for legitimate users. Using the same technology used in the most advanced Security Tools, our plugin works as soon as activated, detecting malicious behavior and automatically blocking attackers. Key Features Behavioral Intelligent Learning, detect the behavior of users to distinguish the bad guys from good guys Really GDPR Compliant (why some others plugins don’t comply) Minimum Configuration, just install and don’t mind looking for the settings, works out of the box Behavioral Intelligent Learning We expect legitimate users to behavior in a certain way. In the other side, hackers usually start with simple commoditized scripts, we studied these scripts and implemented detection rules for them. We studied attackers techniques such as User Enumeration, Brute Force Attack, the Most Common Passwords Used and developed sensors to these behaviours, identifying the remote user as an attacker. In the other side, legitimate users normally use the same Provider, with a common Internet browser and in an certain way, we also detect this behaviour and identify them as a good user. Automatically allow legitimate users to try again If a legitimate user is blocked due to missing his password, the plugin will inform the user how much time he have to wait before he can try again, minimising support. On the first missed password tries, the plugin will allow the user to try again in a few minutes with a message, this removes work from the Site Administrator. If necessary, the user can use the WordPress “Lost your password” feature to generate a new one if he forgot to not be blocked again. But if it’s a hacker that continues to try invalid passwords he will be blocked again for even increased times (limited to 24 hours). Full list of Features Detect and block malicious users Detect and block Brute Force Attacks Detect User Enumeration Attacks Inform legitimate users if they are blocked Detect if a hacker is not using HTTPS Detect if a hacker is using scripts Detect the most commons attack tools to WordPress sites, such as Hydra, Curl, MetaSploit, Kalil Detect if the attacker is using a password dictionary to guess passwords Block the IP of the attacker Allow a legitimate user to try again after a few minutes If the attacker continues, block again for 30 minutes If the attacker continues, block for 24 hours Counts and inform the Administrator how much attacks has been blocked Detect and works automatically with Sucuri Web Firewall Detect and suggest configuration for Proxies and Load Balancers Detect and block attacks to XMLRPC API (not all plugins do this) Detect attacks to REST API for user enumeration (no other plugin do this) Installation Instructions On WordPress Admin Dashboard Visit Plugins > Add New Search for Simple Login Limit & Protect. Find and install the plugin In Plugins > Installed Plugins, click in Activate Downloading From WordPress.org Download Simple Login Limit & Protect zip file. Visit Plugins > Add New in your WordPress Admin Dashboard Click in Upload Plugin Click in Choose File, find the downloaded file in your computer Click in Install Now In Plugins > Installed Plugins, click in Activate. Manually via FTP, SFTP Download Simple Login Limit & Protect zip file. Unzip and upload the simple-login-limit-protect directory to your /wp-content/plugins/ directory Enter in your WordPress Admin Dashboard In Plugins > Installed Plugins, click in Activate. Demo Video