Hackers often use brute force attacks to gain access to WordPress sites. They try different usernames and passwords repeatedly until they gain entry. However, you can protect your site against such threats with the login protect WordPress plugins. Once a particular IP address reaches a specified number of login attempts in a certain time period, it will automatically get blocked and a custom message may be flashed to the blocked users.
Login Limit Addon for WordPress – $9
Prevent Keylogging and Phishing – $18
Brute Force Login Protection
Limit Login Attempts Plugin for WordPress
Hide Login+ plugin for WordPress
The modules can be used to manually block or whitelist a particular IP address and they support delay execution after failed WordPress Login Plugins attempts. The module can notify a user about remaining attempts on the login page.
Stealth Login Page
Login Security Solution