Title: Protect Login Author: Simon Kraft Published: 22. kolovoza 2024. Last modified: 22. svibnja 2025. --- Pretraga dodataka ![](https://ps.w.org/protect-login/assets/icon.svg?rev=3297390) # Protect Login Od [Simon Kraft](https://profiles.wordpress.org/krafit/) [Preuzmi](https://downloads.wordpress.org/plugin/protect-login.1.4.7.zip) [Live Preview](https://hr.wordpress.org/plugins/protect-login/?preview=1) * [Detalji](https://hr.wordpress.org/plugins/protect-login/#description) * [Recenzije](https://hr.wordpress.org/plugins/protect-login/#reviews) * [Instalacija](https://hr.wordpress.org/plugins/protect-login/#installation) * [Razvoj](https://hr.wordpress.org/plugins/protect-login/#developers) [Podrška](https://wordpress.org/support/plugin/protect-login/) ## Opis Out of the box, WordPress allows unlimited attempts to log in. This opens up opportunities for attackers to crack passwords simply by trying over and over again. This kind of attack is called brute-force, and _Protect Login_ mitigates this by slowing down the login after a series of subsequent failed attempts. But we did not stop there. We’re also working on ways to improve the security of your WordPress passwords. Currently, we do this by allowing you to enforce a password policy to make sure your users don’t use weak passwords for their accounts. ## Instalacija 1. Upload the plugin files to the `/wp-content/plugins/protect-login` directory, or install the plugin through the WordPress plugins screen directly. 2. Activate the plugin through the ‘Plugins’ screen in WordPress. 3. The default settings will be applied automatically. To change them, navigate to** Settings > Protect Login** ## ČPP ### Who are you folks? We’re Thomas and Simon, two WordPress enthusiasts, with the dearing crazy idea to offer a good plugin without asking for your money or attention. Our initial work on **Protect Login** was sponsored by [group.one](https://www.group.one/). ### Why did you build this plugin? We care about WordPress and keeping WordPress sites secure. So we decided it was time to take the code of the original Limit Login Attempts plugin and build on top of it. We did this for you. Protect Login is 100% free and will not bother you with nasty upsells or scare marketing. You have better things to do, don’t you? ### Why not reset failed attempts on a successful login? This is very much by design. Otherwise, you could simply brute force the “admin” password by logging in as your own user every 4th attempt. ### How do I know if my site is behind a reverse proxy? If you’re not sure about this, chances are your site is not behind a reverse proxy. However, Protect Login’s settings offer an option to activate proxy mode. A reverse proxy is a server between the site and the Internet (perhaps handling caching or load-balancing). This makes getting the correct client IP to block slightly more complicated. ### Can I put my IP on an allowlist to avoid getting locked out? Yes, there is an allowlist tab in Protect Login’s settings. ### I locked myself out while testing this plugin; what do I do? Either wait until your account/IP is unblocked, or if you have FTP or SSH access to the site, rename it “wp-content/plugins/protect-login” to deactivate the plugin. ### Do you support IPv6 addresses? Yes, if the webserver passes an IPv6 address to your WordPress installation, the plugin has no problems to handle IPv6 from 1.2.0. ## Recenzije ![](https://secure.gravatar.com/avatar/ebf24a46b59868038e2124a56a0d272ab24bb0731a0c1774763717f0ce403a6f? s=60&d=retro&r=g) ### 󠀁[The plugin makes a lean and clear impression!](https://wordpress.org/support/topic/the-plugin-makes-a-lean-and-clear-impression/)󠁿 [Michael](https://profiles.wordpress.org/michael-luther/) 20. studenoga 2024. Compared to “Limit Login Attempts Reloaded”, it makes a lean and clear impression without any frills. PS: After several weeks of use, I can say that it works reliably on multiple websites. ![](https://secure.gravatar.com/avatar/5706550a5b705b844cfcacac6f96493d9184c0fe21b44d260df307e8de667a4e? s=60&d=retro&r=g) ### 󠀁[It does exactly what it should](https://wordpress.org/support/topic/it-does-exactly-what-it-should-4/)󠁿 [Jonas](https://profiles.wordpress.org/elbsegler/) 22. rujna 2024. It does exactly what it’s supposed to.Thank you for this plugin. It’s very nice not to be bombarded with ads. [ Pročitajte sve 2 recenzije ](https://wordpress.org/support/plugin/protect-login/reviews/) ## Suradnici i Programeri “Protect Login” je softver otvorenog koda. Sljedeće osobe su doprinijele ovom dodatku. Suradnici * [ Simon Kraft ](https://profiles.wordpress.org/krafit/) * [ Thomas Günther ](https://profiles.wordpress.org/tidschi/) “Protect Login” je preveden na 1 jezik. Zahvala [prevoditeljima](https://translate.wordpress.org/projects/wp-plugins/protect-login/contributors) za njihov doprinos. [Prevedite “Protect Login” na svoj jezik.](https://translate.wordpress.org/projects/wp-plugins/protect-login) ### Zainteresirani ste za razvoj? [Pregledajte kôd](https://plugins.trac.wordpress.org/browser/protect-login/), pogledajte [SVN spremište](https://plugins.svn.wordpress.org/protect-login/)ili se pretplatite na [dnevnik razvoja](https://plugins.trac.wordpress.org/log/protect-login/) od [RSS](https://plugins.trac.wordpress.org/log/protect-login/?limit=100&mode=stop_on_copy&format=rss). ## Dnevnik promjena #### 1.4.7 * Bugfix: Fixed Bug in at-a-glance widget #### 1.4.6 * Migration path of password strength rules * Tested with WordPress 6.8 * Improvement: Added description texts to blocklist, allowlist and blocked-addresses list * Improvement: Added Copy-to-Clipboard for Remote API settings * Improvement: One-Click auto-generate for Remote API key #### 1.4.5 * Bugfix: Error message “Invalid credentials” was displayed, when wp-login.php ist called directly or hidden by renaming of Admin Login URL #### 1.4.4 * Bugfix: Fixed issue an invalid login was recognize on logging out from WP * Bugfix: Fixes issue error message always was “too many failed login attempts” even when it was the first trial #### 1.4.3 * Bugfix: Fixed button “Add IP address to allowlist and release” * Bugfix: Fixed displaying setting in “At a glance widget” #### 1.4.2 * Removed “Your IP address” on blocklist tab * Added headlines on allowlist, blocklist and blocked ip addresses * Removed .github dir #### 1.4.1 * Bugfix: Fixed issue that prevented “Add own ip address to allowlist” from working * Auto re-create WP sessions on activating plugin * Bugfix: Fixed issue on creating session cookie on multisite #### 1.4.0 * Automatically clean up the locked-out list a week after IP addresses have been cleared * Improve the design of empty IP lists * Add own IP v6 / IPv6 – Address to allowlist * Check for blocked IP on XML-RPC * Bugfix: Fixed issues that prevented the plugin from discovering that it runs on a multisite * Bugfix: Compatibility fixes to PHP 7.4 * Bugfix: Removed ending slashes from Rest API namespaces #### 1.3.1 * Bugfix: Improved error handling if non-numeric value is stored in wp_options * Cleanup: Removed leading whitespace in translation file for widget * Bugfix: Settings visible on multisite if name of the plugin directory is not “ protect-login” * Bugfix: An error occurred on WP multisites with enabled WP_DEBUG, because of too early load of translation files * Moved “settings” sections to admin_init – action * WP 6.7 compatibility #### 1.3.0 * Count of currently locked-out address visible in “At a glance” Widget * Fixed bug on activation plugin through wp-cli in a multisite environment * Remote API support * Improved multisite support #### 1.2.0 * IPv6 support * Endpoints for WP-CLI * Added filter for password strength * “Settings” link in plugin overview * Bugfix: string “password too short” erroneous appeared in Quick Draft widget, removed. #### 1.1.1 * Removed unused strings * Added translator comments * Restructured some strings for easier translations #### 1.1.0 * Tested with WordPress 6.6 * Added Multisite Support * Added filters to set protection levels programmatically * Fixed issue with timestamps always using UTC #### 1.0.1 * Fixed minor bugs #### 1.0 * Initial version * based on Limit Login Attempts 1.7.1 by Johan Eenfeldt ## Meta * Version **1.4.7** * Zadnje ažuriranje **prije 11 mjeseci** * Aktivnih instalacija **600+** * WordPress inačica ** 5.7 ili viša ** * Testirano do **6.8.5** * PHP inačica ** 7.4 ili viša ** * Jezici * [English (US)](https://wordpress.org/plugins/protect-login/) i [German](https://de.wordpress.org/plugins/protect-login/). * [Prevedite na vaš jezik](https://translate.wordpress.org/projects/wp-plugins/protect-login) * Oznake * [authentication](https://hr.wordpress.org/plugins/tags/authentication/)[login](https://hr.wordpress.org/plugins/tags/login/) [security](https://hr.wordpress.org/plugins/tags/security/) * [Napredni pogled](https://hr.wordpress.org/plugins/protect-login/advanced/) ## Ocjena 5 out of 5 stars. * [ 2 5-star reviews ](https://wordpress.org/support/plugin/protect-login/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/protect-login/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/protect-login/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/protect-login/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/protect-login/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/protect-login/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/protect-login/reviews/) ## Suradnici * [ Simon Kraft ](https://profiles.wordpress.org/krafit/) * [ Thomas Günther ](https://profiles.wordpress.org/tidschi/) ## Podrška Želite nešto reći? Potrebna vam je pomoć? [Pregledaj forum za podršku](https://wordpress.org/support/plugin/protect-login/)