SEO & Accessibility
AI
Localization
Ecommerce
Forms
Fields
Development
Security
Templating
Performance
Control Panel
Widgets
Assets
Utilities
Mailer Adapters
Social Networking
Integrations
Login Lockdown
Version 1.0.3
February 4, 2026
Fixed
- Login attempts from already-blocked IPs are now recorded and reset the lockout timer
Version 1.0.2
February 2, 2026
Fixed
- Corrected GitHub repository URLs in composer.json documentation and support links
Version 1.0.1
February 2, 2026
Added
- Block expiration time now included in email and Pushover notification messages
Version 1.0.0
February 2, 2026
Added
- Brute force protection for Craft CMS control panel login
- Brute force protection for front-end login forms
- Configurable failed attempt threshold and time window
- Configurable lockout duration
- IP whitelist to exclude trusted addresses from blocking
- Email notifications when IPs are blocked
- Pushover notifications when IPs are blocked
- Control panel interface for viewing and managing blocked IPs
- CLI commands for managing blocked IPs (
login-lockdown/block/list,add,remove,check) - CLI command for cleaning up old records (
login-lockdown/cleanup) - Proxy-aware IP detection (Cloudflare, X-Forwarded-For, X-Real-IP)
- Environment variable support for all settings using
$ENV_VARsyntax