BruteFort – Rate Limit, Custom Login URL, Geo Blocking & IP Restriction

BruteFort is your WordPress site’s complete login security solution focused on four core protections: Rate Limit, Custom Login URL, Geo Blocking, and IP Restriction.

Protect against brute force attacks, hide your login page with a custom URL, block countries with geo rules, and control access using IP whitelists/blacklists – all in one lightweight, performance-optimized plugin.

Whether you’re running a blog, a WooCommerce store, or a membership site, BruteFort keeps bots, hackers, and unauthorized users out while maintaining fast page speeds.

🔐 Core Security Features

🛡️ Rate Limit & Brute Force Protection – Limit repeated login attempts per IP – Configure attempt windows and lockout duration – Apply progressive lockouts for repeated abuse – Reduce automated credential stuffing and bot attacks

🔗 Custom Login URL (Hide wp-login.php) – Replace the default /wp-login.php endpoint with your custom slug – Return 404 for direct wp-login.php requests – Reduce scanner and bot traffic on known login endpoints – Keep login access private for authorized users

🌐 Geo Blocking (Country-Based Restrictions) – Block or allow login attempts by country – Blacklist mode: Block specific countries from accessing wp-login.php – Whitelist mode: Only allow login from selected countries – IP geolocation detection (Cloudflare compatible) – Perfect for region-specific sites or blocking high-risk countries

📍 IP Restriction (Whitelist & Blacklist) – Enforce custom IP allow/deny rules for login protection – Add individual IPs or CIDR ranges – Instantly block suspicious IPs – Whitelist your own IP to prevent lockouts – Bulk IP management with easy interface

📊 Real-Time Monitoring & Logs – View failed login attempts in real-time – Track IP addresses, usernames, and timestamps – Filter logs by status, date, or IP – Manual unlock for accidentally locked users – Export logs for security audits

⚡ Performance & Compatibility – Lightweight and performance-optimized – Works with Cloudflare, proxy servers, and CDNs – Compatible with most security plugins – Dark mode UI support – No impact on page load speeds

🎯 Perfect For

• WooCommerce stores protecting customer data and preventing unauthorized access
• Membership sites restricting access by geographic location
• Corporate websites blocking countries where business doesn’t operate
• Blog owners hiding login page from automated bots and scanners
• Agencies managing multiple client sites with different security requirements
• High-traffic sites experiencing frequent brute force attacks
• International sites wanting region-specific login restrictions

🚀 Why Choose BruteFort?

• Core protection stack: Rate Limit + Custom Login URL + Geo Blocking + IP Restriction
• Easy to use: Simple, intuitive interface with no complex configuration
• Performance-focused: Minimal resource usage, no site slowdown
• SEO-friendly: Properly handles redirects and 404s
• Privacy-conscious: No external API calls for basic features (optional geo API)
• Regular updates: Actively maintained with new features added regularly