PrivacyBest OfFree ToolsWordPressHow To

WordPress IP Blocker Pro: The Free Plugin Every WordPress Site Should Run

M
Michael Rake
··5 min read
WordPress IP Blocker Pro: The Free Plugin Every WordPress Site Should Run

Roughly 60% of WordPress login traffic globally is brute force attempts. Most of it comes from a small number of countries. Most of it can be stopped at the door, for free, by WordPress IP Blocker Pro. This is a full setup guide.

What it does

  • IP-level blocking. Block specific IPs, ranges, or CIDRs.
  • Country-level blocking. Block traffic from entire countries that have no business reaching your site.
  • Brute-force protection. Auto-blocks IPs after repeated failed login attempts.
  • Audit log. See what was blocked and why, so you can tune the rules without flying blind.
  • All free. No subscription, no per-traffic charges, no SaaS dependency.

Why this beats a SaaS WAF for most sites

Cloud WAFs are great for high-traffic sites that need DDoS protection at the network edge. For most WordPress sites — small business, blogs, portfolios — a SaaS WAF is overkill that adds latency and a per-traffic bill. A well-configured plugin running locally stops the same script-kiddie traffic for free. See why self-hosting is making a comeback for the broader argument.

Step-by-step setup

1. Install

Download from your LionScripts account and upload via Plugins → Add New → Upload Plugin. Activate.

2. Configure country blocking

Open the plugin settings. By default, allow all. Block countries that match your traffic profile:

  • If you sell only in your home country, block everything else by default and whitelist exceptions.
  • If you're global, block the 5-10 countries with the highest bot traffic ratio (commonly: known compromised regions; check your audit log).

3. Configure brute-force thresholds

The default — block after 5 failed login attempts in 15 minutes — is reasonable. Tighten to 3 attempts if you have a small user base.

4. Set up audit log retention

Keep at least 30 days of audit logs. They're how you'll tune the rules.

5. Test it

From a VPN exit in a blocked country, try to load your site. You should see the block page. Disconnect. You should load normally. Without this test, you don't know it's working.

Common mistakes to avoid

  • Blocking your own country accidentally. Whitelist your IP and your team's IPs first. Always.
  • Setting brute-force thresholds too tight. Honest users mistype their password. 3 attempts at 15 minutes is the floor; 5 is more realistic for small teams.
  • Not whitelisting your CDN's IPs. If you're behind Cloudflare, whitelist Cloudflare's IP ranges; otherwise the plugin sees all traffic as coming from CF.
  • Forgetting the audit log. Without logs, you don't know what's working.

Pair it with these for a full security stack

eDarpan WordPress Protection for content theft. SiteGuard Pro for staging-site protection. Webmaster Tools Suite for SEO foundation. The full layered approach is documented in our WordPress security stack guide.

Browse the catalog

See all WordPress plugins on LionScripts and our WordPress plugins actually worth installing roundup.

Recent Posts

View all →
How to Buy Software Online Safely: A Practical Guide

How to Buy Software Online Safely: A Practical Guide

Counterfeit license keys, fake "free" versions, sketchy resellers — the software market has more scams than people realize. Here's how to spot them.

May 23, 2026

LionPaste Review: The Mac Clipboard Manager Worth Switching To

LionPaste Review: The Mac Clipboard Manager Worth Switching To

A full review of LionPaste — unlimited clipboard history, regex search, snippets, paste queue, AES-256 encryption, and an iOS companion app. Why we made it the default Mac clipboard manager pick.

May 22, 2026

The Best Cross-Platform Software for Windows, macOS, and Linux in 2026

The Best Cross-Platform Software for Windows, macOS, and Linux in 2026

A practical roundup of the most useful software for power users across Windows, macOS, and Linux — clipboard managers, file utilities, security tools and more.

May 21, 2026

The Complete WordPress Security Stack: Layered Defense Done Right

The Complete WordPress Security Stack: Layered Defense Done Right

Four LionScripts plugins that together cover network blocking, content protection, staging-site safety, and webmaster verification. The full stack in one walkthrough.

May 19, 2026

Most Popular Software

View all →
WordPress IP Blocker Pro

WordPress IP Blocker Pro

Protect your WordPress site from brute-force attacks, spam traffic, scrapers, and unwanted visitors with intelligent IP and country blocking.

4.4
1,559,152 downloads
eDarpan WordPress Protection

eDarpan WordPress Protection

Protect your WordPress site from content theft and malicious visitors

4.3
1,497,742 downloads
Prestashop Total Protection Pro

Prestashop Total Protection Pro

Protect your Prestashop site from content theft

4.3
188,727 downloads
LionPaste

LionPaste

Instantly search, reuse, and paste your clipboard history on Mac with a fast, privacy-first clipboard manager built for productivity.

4.1
177,253 downloads

Browse by Platform

View all →
Web(10)Windows(7)macOS(7)Linux(6)WordPress(5)Android(4)