Limit login attempts

So what’s the conclusion how can i do this?

Havent been able to do it yet

There are 2 possible solutions at the moment:

  • A custom code snippet for the hivepress/v1/models/user/login action, count attempts and save them in cache with expiration (or post meta)

  • Using a third-party plugin, if it has an API function for just counting the attempts by username or user ID, it’s possible to do this using the same action hook

So what do you do to safeguard your site against possible hackers?

for now I have the capcha, but I dislike it alot, so looking for the 3-5 attempts implementation

I’m not so familiar with customization (you seem to be quite knowledgeable and experienced), does using a third-party plugin together with the code you and ihor chatted about, dont do the job?

There are the same security measures as for WordPress itself, I recommend using a solution like Fail2ban which will block any repeatable requests, not just login requests, this way a specific login request limitation will not be required. Also, enabling reCaptcha will prevent 99% of repeatable or bot requests, so brute forcing someone’s login credentials will be nearly impossible.