Description
This plugin allows you to restrict the login on your website, based on the custom rules you apply. This helps with tightening your website security and fights against dictionary bot attacks originating from other countries, by denying access.
By default, upon activation, the plugin does not apply any restriction. You can configure the plugin to allow the login only from specified IPs or from specified countries. Additionally, the plugin allows for redirects to the front page when the default “Login” and “Register” URLs are accessed by someone that has a restriction. You can also specify other custom URLs to be redirected to the front page as well, following the same restriction rules.
The PRO version includes other useful features.
Bypass the IP and country restriction for the specified roles
You have to option to bypass the login restriction that you put in place (based on the country or IP) for specific user roles.
This is useful for online shops, where your customers place orders then authenticate on your website. This happens from various locations that might not be included in the allowed IPs or countries filters, and using this feature would grant them access to their accounts right away.
Redirect restricted login pages to 404
When the user attempts to authenticate and the account is restricted either by IP or country, if the role is not in the list of bypassed roles, then the user will see a plain “Forbidden!” message. If you enable this option, the page will redirect to your “404” page instead of showing the message.
WooCommerce Integration
With this setting, you can instruct Login IP & Country Restriction plugin to auto-adapt to new customers on your WooCommerce shop, so that their country to automatically be added to the list of allowed countries. This grants them login access right away.
Temporarily disable all settings
If for various reasons, you need to temporarily disable all restrictions and any other settings of this plugin, you can use this option, without losing the current settings.
Lockout duration
When a user attempts to authenticate and the restriction kicks in, the user will not be able to login in the next hour (the default duration is 60 minutes). You can change the lockout duration if necessary.
Individual lockout
If for various reasons, you need to temporarily disable the login for a specific user, you can enable this option. With the setting on, you can edit the user account(s) you wish to restrict. You will see the list of restricted users in the plugin settings page.
Don’t worry, you can revert this option at any time. If you need to grant back the access to all the user accounts you restricted, just uncheck the individual logout option in the settings.
