How to Set Maximum Login Attempts in WordPress Using Wordfence

Last updated on
Jan 26, 2024

If you have a website, regardless of the CMS you use to build your website, security is the aspect you should consider. If your website is built with WordPress, you can install a security plugin to protect your website from cyber-attacks or spamming attempts.

Speaking of security plugin, Wordfence is one of the first name to come in mind. It is one of the most popular WordPress security plugins. There are lots of features offered by Wordfence to secure your website, including brute-force protection.

Brute-force is a cyber-attack type that randomly combines usernames and passwords to make an illegal login to a website. To prevent this attack type, you can set the maximum login attempts on your WordPress site. After certain number of failed login attempts, Wordfence will automatically lock out the IP addresses of the attackers so that they can’t make another login attempt.

How to Set Maximum Login Attempts in WordPress Using Wordfence

Before getting started, make you sure you have installed and activated the Wordfence plugin on your WordPress site. Once you are ready, go to Wordfence -> All options on your WordPress dashboard. On the Firewall Options section, open the Brute Force Protection block and enable the brute force protection if disabled.

You have two options to limit login attempts. First, you can set the maximum login failures. Login failure itself refers to login failure caused by the forget of password or username. Or both. Second, you can set the maximum numbers the “Forgot password?” form can be used by users who forgot their password.

On the Count failures over what time period and Amount of time a user is locked out options, you can set time frame over which we count failures as well as the duration an IP address is locked out.

Please note that Wordfence doesn’t display the remaining login attempts on the login page. So, be wise when setting the maximum login attempts, especially if you have multiple users on your WordPress site. Make sure to click the SAVE CHANGES on the top-right corner to apply the changes you made.

This page may contain affiliate links, which help support the project. Read our affiliate disclosure.

Editorial Staff

Want to turn your WordPress knowledge into a passive income machine?