WP Login Attempt Tracker

A lightweight security plugin to monitor and track failed login attempts on your WordPress site. Identify potential brute-force attacks and audit unauthorized access attempts.

🛡️ Download Login Tracker

✓ Track Failed Logins • ✓ Monitor IPs • ✓ Admin Dashboard

Version: 1.0.0 • Updated: December 2025

Track Failures

Monitor Access

Detailed Logs

Audit Trail

Monitor Login Activity & Secure Your Site

WP Login Attempt Tracker is an essential security tool designed to keep you informed about who is trying to access your site. By logging every failed login attempt, including IP addresses and timestamps, it helps you identify brute-force attacks and suspicious activity patterns before they become a real threat.

Key Features

Gain visibility into your site’s access security:

Detailed Error Logs

Records every failed login attempt with precise timestamps, so you know exactly when someone tried to guess a password.

IP Address Tracking

Captures the IP address of the intruder. Use this information to block malicious IPs at the server or firewall level.

Admin Dashboard Widget

View the latest failed login attempts directly in your WordPress dashboard. Stay updated at a glance.

Display Shortcode

Use the [failed_login_count] shortcode to publicly display the number of blocked attempts, showing users you take security seriously.

Lightweight Logging

Stores data efficiently in a custom table, ensuring it doesn’t clutter your main posts table or slow down your site.

Username Tracking

See which usernames attackers are trying to guess. Helps you identify if they are targeting specific admin accounts.

Why usage Login Attempt Tracker?

Identify Brute Force Attacks: Spot repeated failures from the same IP instantly.
Audit Security: Check if your legitimate users are struggling with passwords.
Prevent Unauthorized Access: Knowledge is power; knowing you are under attack allows you to take defensive measures.
Simple & Lightweight: Does one thing and does it well, without the bloat of massive security suites.
Free Forever: essential security monitoring should be accessible to everyone.

Installation & Setup

Download the Plugin:
- Click the “Download Plugin (ZIP)” button above.
- Save the `wp-login-attempt-tracker.zip` file to your computer.
Upload to WordPress:
- Go to your WordPress admin dashboard.
- Navigate to Plugins → Add New → Upload Plugin.
- Upload the zip file and click “Install Now”.
Check the Logs:
- Activate the plugin.
- Navigate to the new “Login Attempts” menu in your dashboard to view the log table.

Trusted by Site Admins

“I had no idea my site was being hammered by bots until I installed this. Now I can block the IPs at Cloudflare level. Lifesaver!”

– Alex D., System Admin

“Simple and clean. It just records the failed attempts in a list. Exactly what I needed without complex configuration.”

– Maria R., Developer

“The shortcode feature is cool! I put it in my footer to show how many hackers we’ve stopped. Kind of a badge of honor.”

– Chris P., Blogger

Frequently Asked Questions

Does this plugin block IP addresses?

This free version is a *tracker* only. It logs the attempts so you can identify the source. For automatic blocking, consider using a firewall plugin or blocking the logged IPs manually.

Will it slow down my site?

No. The logging only occurs when a login *fails*. For normal site visitors and successful logins, the plugin does absolutely nothing, ensuring zero performance impact.

Can I clear the logs?

Yes, the admin dashboard includes a “Clear Logs” button to empty the database table if it gets too large or if you just want to start fresh.

Does it record my own failed attempts?

Yes, it records *all* failed attempts regardless of who makes them. This ensures comprehensive tracking but you can simply ignore your own accidental typos.