Guard your login form by limiting login failures from the same IP.
Mythic Cerberus records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that IP address. This helps to prevent brute force password discovery and attacks.
The plugin defaults to blocking an incorrect username immediately, and a 10 minuite lock out of an IP block after 5 failed login attempts within 5 minutes. This can be modified in options, and administrators can release locked out IP ranges manually from the dashboard.
Mythic Cerberus is a fork of “Login Lockdown“, and preserves the traditional interface and functionality of that plugin.
Plugin setting can be configured via Settings – Mythic Cerberus in the dashboard.
ver. 1.8.1 30-Sep-2019
adding missing ./languages folder
ver. 1.8 30-Sep-2019
fixed issues with internationalization, added .pot file
changed the credit link to default to not showing
ver. 1.7.1 13-Sep-2016
fixed bug causing all ipv6 addresses to get locked out if 1 was
moved the report for locked out IP addresses to its own tab
ver. 1.6.1 8-Mar-2014
fixed html glitch preventing options from being saved
ver. 1.6 7-Mar-2014
cleaned up deprecated functions
added the ability to remove the “Login form protected by Login LockDown.” message from within the dashboard
ver. 1.5 17-Sep-2009
implemented wp_nonce security in the options and lockdown release forms in the admin screen
fixed an issue with the ‘Lockout Invalid Usernames’ option not functioning as intended
ver. 1.4 29-Aug-2009
removed erroneous error affecting WP 2.8+
added in the option to lock out failed login attempts even if the username doesn’t exist
ver. 1.3 23-Feb-2009
allowed for dynamic location of plugin files
ver. 1.2 15-Jun-2008
now compatible with WordPress 2.5 and up only
ver. 1.1 01-Sep-2007
revised time query to MySQL 4.0 compatibility
ver. 1.0 29-Aug-2007
released