Login Ninja review – protect WordPress login and register forms

Security of your website should be on top of your watch list. It’s easy to focus on the content, design, and functionality of your new WordPress site but if you don’t take care of security, it might be all gone with the wind. There are so many things you can do to protect your WP website. We already reviewed Security Ninja, an excellent premium plugin which recently became completely free. We also showed you set-and-forget security tips which can help you protect your site in a matter of minutes. Today, we’re about to show you how to protect your WordPress site even further.

In this article, we’re about to show you a plugin from the Ninja family we’ve already introduced. So far you might have heard of before mentioned Security Ninja and his brother OptIn Ninja whose job is to help you in attracting new subscribers by creating OptIn pages. Today, we’re about to introduce their little cousin Login Ninja who can improve the security of your site by acting as your private bodyguard.


Login Ninja

PRICE: $18

Login Ninja login screen

In order to protect the front door of your WordPress site, you will need a help of a plugin. The best way of doing so is to hire a personal bodyguard. When it comes to WordPress, the best guy for the job is Login Ninja. After you install this great little plugin, Login Ninja will start watching over your WordPress site, and he won’t be merciful at all. The Ninja will guard your login page as well as your register forms, he’ll easily block any intruders and will implement rules you set. Let’s see what’s Login Ninja capable of.
This premium plugin has been active for almost five years, and it has been purchased by more than 700 WordPress users! Based on 121 ratings, the plugin has received a rating of 4.71 stars which is something you should admire. Among all positive reviews and comments the plugin got on CodeCanyon, here’s what one user said:

“I love it! Auto-ban feature is a must for any site. Already have Security Ninja and I really feel my site is much more secure!”

Key features

  • protect login and register forms with captcha
  • ban IPs that brute-force attack you
  • a detailed log of all login-related activities
  • redirect users based on usernames and roles
  • email notifications
  • protect your site from brute-force login attacks
  • stop bots from registering
  • manually ban any IP


First of all, Login Ninja will allow you to set the number of maximum login attempts. By doing so, you can disenable bots and hacker wannabes from logging into your site. If you, for example, allow only three login attempts, you can easily stop anyone from guessing your login credentials. In that case, a person (or a bot) will be automatically banned from accessing your login page after the third unsuccessful login attempt. You can decide for how long the banned person will stay banned, and you can decide if you want to forbid that individual from accessing your login page or the entire website. Don’t forget to write your own notice and a custom message for those who Login Ninja will ban.

You can even opt in to receive notifications on successful and/or unsuccessful logins.

To improve the security of your login page, don’t forget to customize captcha. If you decide to include this additional check-up, every user will have to answer a simple math question before login. You can customize the text of the question, set colors and add noise for the image.

The last option in the settings area allows you to redirect users after logout. Instead of installing an additional plugin for this job, Login Ninja will help you with the redirection.


Login Ninja redirections

Login Ninja doesn’t stop there. The plugin easily works with login redirections as well. All you have to do is to choose a user role and then assign a redirection type to it. You can redirect specific user role to a specific URL, random post or the most recent post on your website. Depending on what you want to do, you can even completely disable login page for a particular user role. How cool is that?

Although this option is quite enough for many of us, the plugin goes even further. It allows you to specify the username for which you can set specific redirections.

Ban IPs

Sooner or later, a user will get banned from your site. To easily monitor who was banned and how long does the ban lasts, Login Ninja created a separate table of events.


Login Ninja log

In the introduction, we already told you that this Ninja would watch over your site. Besides everything we mentioned earlier, Login Ninja will write down everything that happens login-wise. If you open the log, you will find out that every login attempt has been noted. Whether a user successfully logged in, logged out or failed at login, you will have everything sorted out in a table. You will be able to see a username, an IP address he was coming from, user-agent he was using and a precise time for each of the events.

With the log, you don’t have play guesses; now you can quickly know who accessed login pages and what happened afterward.

When there is a plugin like Login Ninja available for you to use, there’s no excuse to have your WordPress website without a personal login bodyguard. It doesn’t matter if it’s a business site you’re working on or a simple travel blog, you should be as safe as possible. How do you like Login Ninja?

Start Blog Book


This guide is an introduction to mastering the art of blogging. It provides easy to follow steps to start, maintain, and grow your blog.

Read the guide

One thought on “Login Ninja review – protect WordPress login and register forms

  1. There are so many plugin to protect WordPress login. We use Limit login attempt plugin and we couldn’t be more happy with it.
    Another security measure we implement is redirect the default WordPress login to a ProfilePress powered custom login form page we create using ProfilePress plugin.

    At my agency, we are always on the look out for plugins that solves certain problems and we sure will checkout Security ninja.

Leave a Reply

Your email address will not be published. Required fields are marked *