How to blocked login for few minutes after 2 unsuccessful login attempts?

by Lalita 07-May-19

0 243

You can block users for few minutes if they continuously try to login with incorrect details with the following code:

// your login file where the frontend code you are using...
//If login failed
// check the number of login failed
if($_SESSION['num_login_fail'] >= 2) // you can change the value of login failed
{ //if number of login failed greater than Or equal to 2
// Check the time if 10 minutes done or not...
if((time() - $_SESSION['last_login_time']) < (10*60) )
// alert to user wait for 10 minutes after
$msg="You have incorrectly typed your password 2 times,
try again after 15 minutes.";
// after 10 minutes
$_SESSION['num_login_fail'] = 0;
$msg= admin_login($_POST);
else{ // if number of login failed less than Or not equal to 2
$msg= admin_login($_POST);
// if number of login failed is not set
$msg= admin_login($_POST);
echo $msg;
<!-- Here include your function file -->
<?php session_start();
include('dbconnect.php'); // Include your db connect file here

// Here is your login function

function admin_login($data){

// Your mysqli Query...
$login="select * from register_user where username='$user' and password='$password'";
// If user details correct, get the User-Id in session and redirect where you want to do...
echo '<script>window.location="home.php";</script>';
$_SESSION['num_login_fail']++; //Get the number of login failed in session
$_SESSION['last_login_time'] = time(); //Get the time of last login
$msg= 'Username or Password is not Correct....';
return $msg;


Discount Coupons

SEMRush FREE Trial – PRO Account for 14 Days

FREE Pro Account worth $99.95 for 14 Days.


    No Comments Yet.

Leave a Reply