Plugin Of The Week – 12/09/2013 – Login Security
Securing Your WordPress Login Access
One of the most important aspects of keeping WordPress or any other website secure is the ability to restrict access to the login panels. Anytime you allow for people to login to a website you run the risk of having a breach of security. This could take into account a number of scenarios such as poor login credentials or or lack of security protecting those credentials.
In either case, one way to help keep track of such problems is to monitor and track exactly who is login into your system. This weeks plugin does just that.
Plugin Version: 1.0.1
WordPress Compatibility: 3.7.1
Last Updated: 11-30-2013
Average 5-Star Rating: 5 (1 vote so far)
This is actually the first time we have listed an Up and coming plguin to be a POTW. This plugin version 1.0.1 is the initial release of this plugin. But it has a few things going for it that we would like users to consider it in the future as a potential winner.
What Login Security Does (According to the Author)
A lot of brute-force attacks are performed on WordPress websites without you probably noticed it. These attacks are performed by computer programs and consists to try every possible password until to find the correct one. If you use a popular password such as “123456” or “qwerty” it’s very easy to access your website through a brute force attack.
Login Security is a plugin that tries to protect you against such attacks. Every successful or failed login attempts are recorded. You will probably discover that a lot of brute force attacks are performed on your website.
This plugin can tell you how many times an IP address tried to access to the Back-Office of your WordPress website. Then you can easily block the access of this IP address in just “one click”.
On the tested websites there was an average of over 800 login attempts per day.
- Records every login attempts (failed or successful). Can be used to tell you when a user login
- Display all the failed login or successful login with the associated IP, User-Agent and HTTP referer
- Stats over the number of failed login during last 7 days and last 12 months
- Discover which IP address tries the most to access your website
- Banned an IP address
- Multi languages : English, French (from : France, Canada, Belgium, Switzerland and Luxembourg)
Why We Like Login Security
One of the most common complaints when trying to integrate multiple security options os overlapping features. Many other security plugins may or may not actively include this feature of protecting login access.
This plugin only handles login access and records those login attempts being made.
In the event you are using a plugin for security that does not track user logins directly you can integrate this one with little to no overlapping functionality. In the past we might have used a plugin such as Apocolypse Meow as we like the “Login Jail” that is offered. That plugin though will run into those overlap issues that we mention with other features included in that plugin.
Tony, the plugin author is relatively young in the development stages having presently 4 plugins published with his first being WP SiteMap Page with only about 33k downloads. His newer plugins, of which the Login Security is the most recent, shows us that Tony is likely here to stay and has been busy putting out quality WordPress plugins.
As this was a new plugin for him we looked at his track record for support on his previous plugins. We liked what we saw. He is an active, enthusiastic developer who is posting regularly and fixing any problems being encountered. We hope he will continue to develop this plugin as well as his previous plugins.
Anyone needing to just add this type of functionality should give this plugin a try. Help Tony out with any issues and requests for features and give a new younger plugin author a sense of community support for his effort.
We look forward to seeing more plugins in the future. Keep up the great work.
You can visit Tony’s Blog here: http://en.tonyarchambeau.com
Grab the plugin from the WordPress.Org Repository here: