Description
IMPLEMENT CUSTOMIZED SECURE WORDPRESS LOGIN POLICIES WITH EFFICIENCY
Achieve better WordPress login and password security through policies that put you firmly in the driver’s seat. With high customizability and granularity, login security policies can be implemented by user role or site-wide for complete control over the security of your websites’ login process.
FEATURES & BENEFITS | UPGRADE TO PREMIUM | GETTING STARTED
Use the free edition of Melapress Login Security to implement WordPress password minimum length and complexity. The plugin also allows you to set expiration policies, prevent users from recycling old passwords, limit failed login attempts, and automatically disable inactive user accounts, among other things.
MAINTAINED & SUPPORTED BY MELAPRESS
Melapress builds high-quality WordPress security & admin plugins such as WP 2FA, CAPTCHA 4WP,and WP Activity Log, the #1 user-rated activity log plugin for WordPress.
Visit our website to see how our plugins can help you better manage and improve the security and administration of your WordPress websites and users.
Features
Ensure your WordPress users use the most secure password policies through the following plugin features:
Features list
- Limit failed login attempts and automatically disable user accounts after a number of failed login attempts
- Change the login page URL (and set a 404 for the old page)
- Set policies by role or site-wide
- Provide users with helpful instructions during password configuration to meet set policy
- Set minimum password length
- Mandate the use of upper and lower case characters, numeric digits, and special characters
- Set an automatic password expiration policy (also advise users when password is about to expire)
- Disallow users from recycling old passwords
- Disable password reset links
- Mandate WordPress password reset on the first login
- Define policy priority for users with multiple roles
- Reset all users’ passwords with just one click
- Add a GDPR consent notice to the login page (required by GDPR & PCI DSS compliance)
Upgrade to Melapress Login Security and get more
The premium edition of Melapress Login Security comes bundled with even more features, which enable you to take your WordPress website login security to the next level. Disable inactive WordPress user accounts and force passwords to be reset once accounts have been unlocked. Inactive accounts can be managed within a single dashboard for increased efficiency and faster response times. Moreover, you can set accounts to be locked out after a number of failed login attempts and customize the duration and method of unlocking them.
Features list
- Everything in the free version
- One-click integration with third-party plugins such as WooCommerce, LearnDash, Memberpress, and many others
- Automatically disable inactive WordPress users after a set time
- Add Geo-blocking rules to restrict login page traffic to specific countries, or block traffic from specific countries
- Restrict every user’s login to an IP address, or a configurable number of IP addresses
- Restrict WordPress users’ login time by day and/or hours
- See reports of when users were last active, what’s their password age, and whose password is expired
- Receive detailed weekly summary reports over email of password resets and changes, user account lockouts, and more
Free and premium support
Support for MelaPress Login Security is free on the WordPress support forums.
Premium world-class support is available via email to all Melapress Login Security users
Note: Customer support for customers on a premium plan is given priority and is provided via one-to-one email. Upgrade to premium to benefit from priority support.
For any other queries, feedback, or if you simply want to get in touch with us, please use our contact form.
Further reading and documentation
You can find more detailed information about WordPress website security, password security and user management, security best practices, and much more in the recommended reads linked below.
WordPress Password Policy: Enforcing strong passwords
WordPress security & hardening – the definitive guide
The definitive guide to WordPress security plugins
Install the plugin from within WordPress
- Navigate to Plugins > Add New
- Search for “Melapress Login Security”
- Install & activate Melapress Login Security from your Plugins page
Install the plugin manually (via file upload)
- Download the plugin from the WordPress plugins repository
- Unzip the zip file and upload the folder to the /wp-content/plugins/ directory
- Activate the Melapress Login Security plugin through the Plugins page in WordPress
Screenshots
FAQ
-
Does the plugin send any data to Melapress?
-
No, the plugin does not send any data to us whatsoever. The only data we recieve is license data from the premium edition of the plugin.
-
Does the plugin receive updates?
-
We update the plugin fairly regularly to ensure the plugin continues to run in tip-top shape while adding new features from time to time.
-
Support and Documentation
-
Please refer to our support pages for all the technical and product documentation.
-
How can I report security bugs?
-
You can report security bugs through the Patchstack Vulnerability Disclosure Program. Please use this form. For more details please refer to our Melapress plugins security program.
Reviews
Contributors & Developers
“MelaPress Login Security” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “MelaPress Login Security” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.3.1 (2024-05-30)
-
New features
- New GDPR consent message on the login page (this is a new optional setting and the admins can also edit the message).
- New shortcode to add the GDPR consent message to any custom login page.
- Password expiry notification: users can now be notified via a notice in the dashboard prior to their password expiring.
-
Plugin improvements
- Added some more links to plugin’s documentation in the plugin’s help text.
- Added in-dashboard notification to advise users what is new and improved in the plugin with each update.
- Enhanced Notification System: Improved the overall infrastructure of the plugin’s notification system.
- Created a new “User Management” page and centralized the “Locked Users” and “User import/export” in this new section, for a better UX.
- Updated some settings to ensure they all use the same prefix in the database settings table.
- PHP Function Tweaks: Adjusted some PHP functions to prevent potential errors when timed login policies are active.
-
Bug fixes
- Fixed an edge case in which a fatal error is caused when unlocking a locked user and both the Free and Premium editions are installed.
- Security patch: fixed a low severity security issue reported by YC_Infosec.
Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of Melapress Login Security.