This plugin hasn’t been tested with the latest three major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

HTTP/1.1 403 Forbidden header on a failed login

Description

Send an “HTTP/1.1 403 Forbidden” header on a failed login instead of “HTTP/1.1 200 OK”, which is the WordPress default header on failed login. This is a tremendously simple plugin that does only that and absolutely nothing else.

The purpose of this plugin is to provide a way to allow external tools like fail2ban to get a message of a failed login e.g. to prevent a brute-force attack on a firewall level.

For the public domain.

Uses PHP5.3 anonymous functions and will not work on earlier versions of PHP

Reviews

October 9, 2019
This functionality should be default behavior, implemented in the core of WP. Integration with Fail2Ban significantly increase security and performance of WP. Must have plugin
Read all 2 reviews

Contributors & Developers

“HTTP/1.1 403 Forbidden header on a failed login” is open source software. The following people have contributed to this plugin.

Contributors