=== Brute Force Login Security, Spam Protection & Limit Login Attempts === Contributors: miniOrange Donate link: https://miniorange.com Tags: Brute Force,Brute Force protection, Brute Force attack, limit login attempts, bruteforce, Spam Protection, Firewall Security, Malware Scanning, Login Security, login protection, anti spam, spam check, wordfence, ip blocking, strong passwords, htaccess security, ip range blocking, DOS protection, DOS attacks, DDoS, Anti Virus, anti hack, spam filter,comments filter, firewall, country blocking, live traffic, fraud prevention, malware, malware removal, phishing, virus cleaning, virus scanner, cellphone signin, chmod, code, CRLF, CSRF, CORS, encode, error log, front end security, safe browsing, hack, hackers, hacking, heart bleed, heartbleed, heartbleed vulnerability, htaccess, HTTP log, infrastructure security, injection, ipv4, ipv6, litespeed, lock, log, logging, login, login alerts, maintenance, maximum login security, nginx, apache, openssl vulnerability, performance, permissions, personal security prevent, prevention, privacy, private, protection, proxy security, reverse proxy security, scrapers, script, secrity, secure, secure login, secure website, security log, security plugin, securty, seucrity, speed, SQL Injection, two factor, 2 factor, two factor authentication, twofactor, virus, vulnerability, Web application firewall, web server security, website security, wordpress, wordpress cache, wordpress caching, admin security, backup, DB backup, 400, 401, 403, 404, 410, 503, auth cookie, cookie, cookie expiration, authenticate, authentication, authentication cookie, ban, banned, base64, block, blocked, Bot, antivirus, cache, caching, caching plugin Requires at least: 2.0.2 Tested up to: 4.8 Stable tag: 3.0.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Brute Force Login Security, Spam Protection & Limit Login Attempts. IP Blocking, Firewall Security, Anti Spam, protect site from hacks and malware. == Description == Brute Force Login Security, Spam Protection & Limit Login Attempts for Login Protection, IP Blocking, Database backup, protect site from hacks and malware. Brute Force protection, anti spam & Limit Login Attempts provides Login Security, Registrations Security, Brute Force attacks protection, IP monitoring and IP Blacklisting, DOS attacks protection, strong passwords enforcement. Brute Force login attack can be conducted in number of ways. We provide you enterprise level security, protecting your WP website from hackers and malwares. = Features :- = * Login Security – Limit Login Attempts and track user login attempts * User Registration Security – Disallow Disposable / Fake email addresses * Brute Force Login / Attacks Protection- We keep track of user’s login attempts and we send alerts to administrators for unusual activities if someone exceeds allowed failed login attempts. * Password protection – Enforce Strong Password - Check Password strength for all users * IP Blocking - Manual and automatic blocking of IP’s ( Blacklisting and whitelisting included ). * 2 Step Verification (Two Factor)- Rather than relying on a password alone, which can be phished or guessed, Two Factor authentication adds a second layer of security to your accounts. * Risk Based Access- Dynamically analyzes user requests and apply business security policies to application access which minimizes the risks of unauthorized access. * Advanced User Verification- OTP Verification plugin verifies Email Address/Mobile Number of users by sending verification code(OTP) during registration. It removes the possibility of a user registering with fake Email Address/Mobile Number. * Protection for WordPress files- We provide you option to prevent access to user from browsing directory content and editing files from WP Dashboard (Themes and plugins). * Google reCAPTCHA protection for login, registration. * Database Backup- Backup your WordPress database easily with a single click. You can either download your backup or can save it on your server. = Advanced Features :- = * Advanced Blocking – Block users based on: IP range, Country, Browser / User Agent, Referer and HostName(DNS) * Htaccess Website Security Protection- Secure your website from unintended user with htaccess website security protection which blocks user request on server(apache) level. * IP Lookup ( WHOIS )- With IP Lookup you can trace IP address of an suspicious users, you can get an idea what part of the country or world they are accessing your website from. * Security Log – Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging * Comment SPAM Filter and Site SPAM Check- We check if your website is generating SPAM to protect your website getting blocked by search engines. Also we help you to filter comments for malware and phishing urls. * SPAM Protection and google reCAPTCHA for comments- Google reCAPTCHA protects your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site. * Notification to admin and end users – Send Email Alerts for IP blocking and unusual activities with user account * DOS (Denial of service) attacks protection – Protect your resources from DOS attacks by slowing down attackers by delaying response and increasing delay in each of his requests and eventually blocking them entirely. * Country Blocking- If you have a website which gets inundated with SPAM or hacking attempts from visitors or bots originating from certain countries we can help you blocking those attempts. * Notifications- Get email alerts for unusual activities with you user accounts. We also support customized email templates which you can use for branding. * Security Log- We keep logs of various activities which help you improve your security, find corrupted pages on your website, increase your performance etc. = LIMIT LOGIN ATTEMPTS = This protects your site from attacks which tries to gain access / login to a site with random usernames and passwords. A Brute Force Attack is the simplest kind of method to gain access to a website. Hackers tries with random usernames and passwords, over and over again, until they gets in. Most of the time such attacks are automated allowing the hackers to try millions of time in a short span. We help you protect your website against brute force login attacks by blocking an IP address of the hacker after a specified limit of failed login attempts within a specified time. = REPORTING = Our advanced reporting help you keep track of activities on your website. Also you get the option for filtering reports with various criterias like username, IP address, date. Also you can export reports in csv and pdf. = VERIFY EMAIL = miniOrange email verification tool actually connects to the mail server of user registering and checks whether the mailbox exists or not. This decreases bounce rate from your email address and saves your email address getting blacklisted. = BLOCK REGISTRATIONS FROM FAKE USERS = We helps you to detect suspicious email addresses instantly. Most of the users use disposable,fake or temporary email addresses for registering on online websites. We help you stop accepting registrations from those emails. = SOCIAL LOGIN INTEGRATION = Social Login allows your visitors to choose from their favourite social login apps to login, comment, share and optionally auto-register with your website or blog. One-click login to your website using social login applications like Google, Twitter, Facebook, Vkontakte, LinkedIn, Instagram, Amazon, Salesforce, Windows Live. Easy integration with your website with options to add Social login on login page, registration page and comments section. = Do you want support? = Please email us at info@miniorange.com or Contact us == Installation == = From your WordPress dashboard = 1. Visit `Plugins > Add New` 2. Search for `Brute Force Login Security, Spam Protection & Limit Login Attempts`. Find and install the plugin. 3. Activate the plugin from your Plugins page = From WordPress.org = 1. Download `Brute Force Login Security, Spam Protection & Limit Login Attempts` plugin. 2. Unzip and upload the `wp-security-pro` directory to your `/wp-content/plugins/` directory. 3. Activate plugin from your wordpress dashboard. = Once Activated = 1. Go to `Settings-> WP Security PRO`, and follow the instructions. 2. Click on `Save` == Screenshots == 1. Configure Login Protection 2. Configure Registration Protection 3. IP Blocking 4. Advanced Blocking 5. Notifications 6. Reports == Changelog == = 2.2 = * Updated advanced features = 2.1 = * Bug Fixes = 2.0 = * Added IP Lookup * Added Protection for WordPress files * Added htaccess Website Security Protection * Added Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging * Added Database Backup * Added Comment SPAM Filter and Site SPAM Check * Added Google reCAPTCHA protection for login, registration and comments = 1.0 = * this is the first release. == Upgrade Notice == = 2.2 = * Updated Advanced features = 2.1 = * Bug Fixes = 2.0 = * Added IP Lookup * Added Protection for WordPress files * Added htaccess Website Security Protection * Added Security Log - Logs Blocked IPs, Spammers, Bots, HTTP 404,403 and 400 logging * Added Database Backup * Added Comment SPAM Filter and Site SPAM Check * Added Google reCAPTCHA protection for login, registration and comments = 1.0 = First version of plugin.