Discussion on Smart Security Tools: Login Limit Addon


GDragoN supports this item


This author's response time can be up to 5 business days.

5 comments found.

suggestion, add an option to prevent more than 1 login at the same time with the same username to avoid sharing accounts.


Thanks for suggestion, I have added this to the list, and it will be added in the future version. This option is a tricky to implement, since users don’t need to logout, and WP doesn’t really track if the user is logged in and active. But, I like this suggestion, and will try to do it.

Regards, Milan

okay, i have seen a few plugins with this functionality out there, so just figured I would suggest it :) not sure how they do it though… bookmarked for now, good luck with sales.

Thanks! I know about some plugins that have that, but they don’t work as expected, I have some ideas that should be reliable.

Regarding the previous request for limiting shared accounts.

If you implement this feature, please consider making the number of simultaneous logins for an account a configurable setting. We too want to restrict account abuse, but would like to allow say 3 simultaneous logins, so that we can be generous but not allow excessive abuse.

For some web sites it may become necessary to allow more than one simultaneous session for technical reasons. An example would a web site with downloadable files with users utilizing aggressive download managers. Technically, the download manager opens one (or usually several) new sessions to download the file outside the web browser.

Thanks for suggestion, this is good idea.

Does this add-on also restrict logins attempts by way of cookies and XML-RPC? Especially the latter, since this is where we have been seeing most of the abuse lately, with bots bombing the heck out of the xmlrpc.php file. Thanks!


Right now plugin hooks into WP login form. It will be expanded to other methods that can be exploited with future versions.



I used “login with ajax” plugin on my sidebar : https://wordpress.org/plugins/login-with-ajax/ and when I activate the Honeypot it add a “confirm email” case where it’s necessary to rewrite our email.

Do you know if it's normal or not ? Thank you very much


I plan to support some of the popular solutions with future versions, but supporting third party plugins is not easy thing to do. I have few plugins on the list to support, but right now I have no idea when that will happen.

I think the plugin that I give you is a good base : It’s free and its code works with all login form.

I have install and tested several plugins for login and this free plugin can block IP on all login form.

If your plugin doesn’t implement this function, I think it’s a very bad point : more and more wordpress site have a several login form for there member, author…etc.

As I said, support for other forms will be added in the future.

Hello… I cant find smart security configuration menu anywhere in my wordpress admin page.

Help me please


For this addon to work, you need Smart Security Tools plugin first, it is clearly stated on the top of the item description.