Log failed login attempts on WordPress?

3 Views

I’d like to create an script to automatically ban (via .htaccess) any user that makes an incorrect login attempt, but I see WordPress doesn’t write any log including this info.

I have also seen there are some plugins thaat record this info, but they record this log on database, not on a log file.

Read More

Does anyone know how I can generate a log file that includes all failed login attempts on my wordpress-based site?

Thanks! 

     Jorge
Post Views: 3

Related posts

Leave a Reply

1 comment

  1. I’ve written a WordPress Plugin that logs failed login attempts to the apache error log:

    add_action( 'wp_login_failed', 'login_failed' );
function login_failed( $username ) {
    error_log("user $username: authentication failure for "".admin_url()."": Password Mismatch");
}

    I use this to block multiple login attempts with fail2ban.