hosting tutorials WeChat Top

👋🏼Welcome to my WP-Host blog where I am excited to share my knowledge and expertise on WordPress hosting and website construction tutorials with you. Let’s connect and learn from each other! You can reach me at info@yrshare.com.

Email Me

(如果你会中文,可以点击微信图标与我联系。)

扫一扫加我

注:因个人英文水平有限,所以暂时只能为懂中文的朋友提供wordpress建站服务

微信:18200592859 或 yrwordpress

Limit the number of user logins to protect your wordpress website(3 ways to achieve)

Limit the number of user logins to protect your wordpress website: This article is a simple and practical wordpress tutorials, mainly to share with you how to protect the login security of the wordpress website, and prevent others from trying to log in to your website unlimited times by limiting the number of login times, sharing 3 implementation methods, there is always one suitable for you.

【WP-Host/悦然wordpress建站】
Limit the number of user logins to protect your wordpress website(3 ways to achieve)-WP-Host

Keep sharing wordpress tutorials. Website security is one of the issues we must pay attention to. There are many website background login systems that allow you to enter passwords unlimited times, so in theory, as long as you keep trying, hackers may crack your website passwords, thus affecting your age.

Carrying out illegal operations will have serious consequences.

So what to do? Next【WP-Host/悦然wordpress建站】will share with you the method of limiting the number of user logins.

Method 1: Use the code

We can add the following code to the functions.php file of the current wordpress website building theme to achieve the effect of limiting the number of user logins:

/*-----------------------------------------------------------------------------------*/
/* Limit the number of user logins to protect your wordpress website
/*-----------------------------------------------------------------------------------*/
# 阻止登录的函数,直接 404
function block_login() {header("HTTP/1.1 404 Not Found");header("Status: 404 Not Found");exit;}
# 登录前判断登陆的失败次数
add_action("login_head",function () {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = unserialize(get_option("LOGIN_IP_LIST"));
# 登录失败超过2次就进行阻止登陆
if($login_ip_list && ($login_ip_list[$login_ip] > 2)) {block_login();}});
# 登录失败的处理
add_action('login_errors', function ($info) {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = get_option("LOGIN_IP_LIST");
if($login_ip_list) {$login_ip_list = unserialize($login_ip_list);} else {$login_ip_list = array();}
# 登录次数 + 1
$login_ip_list[$login_ip] += 1;
update_option('LOGIN_IP_LIST', serialize($login_ip_list));
# 提示登录失败的次数
return "$login_ip 登陆次数 " . $login_ip_list[$login_ip];});
# 证明已经登录成功了
add_action("admin_menu", function () {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = unserialize(get_option("LOGIN_IP_LIST"));
$login_ip_list[$login_ip] = 0;
update_option('LOGIN_IP_LIST', serialize($login_ip_list));});

The above code can limit the number of logins according to the IP. The default is to limit the number of logins if it exceeds 2 times. You can also modify the value according to the actual situation. The Chinese notes inside can be modified or deleted.

Adding code to the functions.php file may be affected by updating the theme or updating the theme. 【WP-Host/悦然wordpress建站】recommends that you use the Code Snippets plugin instead of the functions.php file.

Code Snippets

https://wordpress.org/plugins/code-snippets/

Method 2: Use a plugin

In addition to usage and code, we can also use wordpress plugins to limit the number of user logins. The wordpress plugin recommended here is Limit Login Attempts Reloaded.

Limit the number of user logins to protect your wordpress website(3 ways to achieve)-WP-Host

Limit Login Attempts Reloaded

https://wordpress.org/plugins/limit-login-attempts-reloaded/

The Limit Login Attempts Reloaded plugin can be downloaded in the plugin center, or can be downloaded and installed through the link above.

Limit the number of user logins to protect your wordpress website(3 ways to achieve)-WP-Host

After the plug-in is installed and enabled, you only need to make simple settings, and then save it to take effect.

Method 3: Use the Site Ground Security Plugin

If you are using a Site Ground hosting, you can directly use their wordpress security plug-in SiteGround Security, which is usually provided with the host. You only need to install wordpress in the background of the Site Ground hosting with one click, and it will be installed automatically.
Then you go directly to configure and use it.

Summarize

The above is today’s wordpress tutorial. I hope everyone can pay attention to website security issues. In addition to limiting the number of user logins, we can further improve website security performance through firewalls and other methods.

2023031804362181

继续分享wordpress教程。网站安全是我们必须要重视的问题之一,有很多网站后台登陆系统都是可以无限次输入密码的,所以理论上只要不断的尝试,黑客就有可能破解你的网站密码,从而对你的岁进行一下非法操作,后果严重。

那要怎么办呢?接下来【WP-Host/悦然wordpress建站】给大家分享限制用户登陆次数的方法。

步骤一:使用代码

我们可以在当前wordpress建站主题的functions.php文件中添加以下代码来实现限制用户登陆次数的效果:

/*-----------------------------------------------------------------------------------*/
/* Limit the number of user logins to protect your wordpress website
/*-----------------------------------------------------------------------------------*/
# 阻止登录的函数,直接 404
function block_login() {header("HTTP/1.1 404 Not Found");header("Status: 404 Not Found");exit;}
# 登录前判断登陆的失败次数
add_action("login_head",function () {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = unserialize(get_option("LOGIN_IP_LIST"));
# 登录失败超过2次就进行阻止登陆
if($login_ip_list && ($login_ip_list[$login_ip] > 2)) {block_login();}});
# 登录失败的处理
add_action('login_errors', function ($info) {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = get_option("LOGIN_IP_LIST");
if($login_ip_list) {$login_ip_list = unserialize($login_ip_list);} else {$login_ip_list = array();}
# 登录次数 + 1
$login_ip_list[$login_ip] += 1;
update_option('LOGIN_IP_LIST', serialize($login_ip_list));
# 提示登录失败的次数
return "$login_ip 登陆次数 " . $login_ip_list[$login_ip];});
# 证明已经登录成功了
add_action("admin_menu", function () {
$login_ip = $_SERVER['REMOTE_ADDR'];
$login_ip_list = unserialize(get_option("LOGIN_IP_LIST"));
$login_ip_list[$login_ip] = 0;
update_option('LOGIN_IP_LIST', serialize($login_ip_list));});

以上代码可以根据IP来限制登陆次数,默认是超过2次就限制登陆,你也可以根据实际情况修改数值。

使用把代码添加到functions.php文件中可能会受更新主题或更新主题的影响,【WP-Host/悦然wordpress建站】推荐大家使用Code Snippets插件代替functions.php文件。

Code Snippets

https://wordpress.org/plugins/code-snippets/

方法二:使用插件

除了使用和代码,我们还可以使用wordpress插件来限制用户登陆次数,这里推荐的wordpress插件是Limit Login Attempts Reloaded。

2023031804363628

Limit Login Attempts Reloaded

https://wordpress.org/plugins/limit-login-attempts-reloaded/

Limit Login Attempts Reloaded插件可以在插件中心下载,也可以通过上面的链接下载安装。

2023031804364517

插件安装启用之后只需要进行简单的设置,然后保存就可以生效了。

方法三:使用SiteGround Security插件

如果你使用了是SiteGround主机,那么可以直接使用他们提供wordpress安全插件SiteGround Security,这个插件一般是随主机一起提供的,你只需要在SiteGround主机后台一键安装wordpress,它会自动安装,然后你直接去配置使用就可以了。

总结

以上就是今天的wordpress教程,希望大家能够重视网站安全问题,除了限制用户登陆数次,我们还可以通过防火墙等方式进一步提升网站安全性能。

WordPress Hosting / 悦然wordpress建站

WordPress Hosting / 悦然wordpress建站

【WordPress Hosting / 悦然wordpress建站】I am a WordPress hobby from China, and I like to communicate with friends from all over the world to learn WordPress website building and maintenance related knowledge.