How to restrict when users can log in to a WordPress website

The User Login Time policy in Melapress Login Security allows you to specify when users are allowed to log in to your WordPress website.

Why is the policy required?

By default, all users on your WordPress website can log in at any time. While this is not a problem in itself, applying a user login time policy adds another layer of security to your website, thus reducing the potential attack surface even further.

For example, if you and your team work from Monday to Friday, it is recommended to restrict logins to your website during the weekend. Doing so reduces the chances of someone guessing a user password via brute force attack and logging in to your website. This is just one example.

Configuring the User Login Time policy

The policy is disabled by default, so once you install the plugin, users can still log in at any time with no restrictions. To enable and configure this policy, follow the procedure below:

1. Start by enabling the policy; check the checkbox Activate user login time restrictions in the Restrict user login times section
2. Uncheck the days of the week during which you do not want users to log in to your website
3. Specify the times during which users can log in to the website on specific days of the week
4. Click Save changes

Example of a configured User Login Time policy

From the above screenshot, we can see that:

• Users can log in from Monday to Thursday between 9 AM and 8 PM.
• Users can log in from midnight between Thursday and Friday until midnight between Friday and Saturday.
• Users cannot log in at any time on Saturday and Sunday.