Alternative to Limit Login Attempts plugin?
WP Cerber is the best possible and free alternative that works out of the box
It looks like that the WP Cerber plugin does the same things as Limit Login Attempts plugin. Yes, and no. WP Cerber does much more. More flexibility, more control, more abilities. WP Cerber is the best possible alternative and drop-in replacement. It has a bunch of outstanding security features and works out of the box.
I’ve been using the Limit Login Attempts plugin for my WordPress for a while. For years it was a must have WordPress plugin for all of my sites. The main downside of this plugin is that it has not been updated in over 4 years. It has compatibility issues that will become a future problem if the plugin is not actively supported.
A better Limit Login Attempts plugin
WP Cerber is a professional grade WordPress security plugin. It protects from brute force attacks by limiting the number of login attempts through the login form, XML-RPC / REST API requests or using auth cookies.
It gives you the ability to restricts access with the Black IP Access List and the White IP Access List. Just kick all those bots and hackers out.
Always improving limit login attempts algorithms
WP Cerber is an always-improving security plugin that gains new features every month. The author with his world-class engineering experience constantly iterates upon every part of plugin’s security algorithms making the plugin smarter and more reliable with every new release.
The plugin works out of the box
Just install and activate it. The plugin starts mitigating brute force attacks immediately. You can easily install WP Cerber in the WordPress dashboard (Plugins -> Add New) or from WordPress plugins repository: https://wordpress.org/plugins/wp-cerber/
How does WP Cerber protect websites?
By default, WordPress allows unlimited login attempts through the login form, XML-RPC or by sending special cookies. This allows passwords to be cracked with relative ease via brute force attack. WP Cerber blocks intruders by IP address or subnet from making further attempts after a specified limit on retries is reached, making brute force attacks or distributed brute force attacks from botnets impossible.