Skip to content
WordPress.org

Testing Rosetta

  • Themes
  • Plugins
    • Documentation
    • Forums
  • About
  • Get WordPress
Get WordPress
WordPress.org

Plugin Directory

Vegestic – Users Login Limit

  • Submit a plugin
  • My favorites
  • Log in
  • Submit a plugin
  • My favorites
  • Log in

Vegestic – Users Login Limit

By vegesticsolutions
Download
  • Details
  • Reviews
  • Development
Support

Description

Vegestic – Users Login Limit helps you control how many devices or browsers a user can stay logged into at the same time. It is ideal for membership sites, subscription websites, online courses, and any WordPress site where you want to reduce account sharing.

Features

  • Limit the number of simultaneous logins for each user.
  • View user login activity.
  • Record login IP addresses.
  • Detect the approximate login location.
  • Force logout active sessions.
  • Customize the login limit message.
  • Export login history as CSV.
  • Supports unlimited users.
  • Compatible with WordPress privacy tools.

Installation

  1. Upload the vegestic-users-login-limit folder to the /wp-content/plugins/ directory, or install it through the WordPress Plugins screen.
  2. Activate the plugin.
  3. Open Vegestic – Users Login Limit from the WordPress dashboard.
  4. Configure your preferred login limits and settings.

Privacy

This plugin stores login-related information such as login time, IP address, browser information, session details, and approximate location (if enabled).

For location detection, the plugin may connect to free public IP geolocation services. Only the user’s IP address is used to retrieve an approximate location. Location data is cached to reduce external requests.

Users can remove their personal data using WordPress’s built-in privacy tools.

External Services

If location detection is enabled, the plugin may connect to the following free IP geolocation services:

  • ipapi.co
  • ipwho.is
  • freeipapi.com
  • ip-api.com

These services are used only to retrieve the approximate location of a user’s IP address.

FAQ

Does this work with any WordPress theme?

Yes. The plugin works at the authentication level and is entirely theme-independent.

Will this log out users who are already logged in?

No. Existing sessions are not affected when you add a user or lower their limit. Only new login attempts after the limit is set are blocked. Use the Logout All button to clear existing sessions manually.

Can I disable location tracking?

Yes. Add this to your theme’s functions.php or a custom plugin:
add_filter( ‘wpll_geo_api_providers’, ‘__return_empty_array’ );

Is user data exported for GDPR requests?

Yes. The plugin registers with WordPress’s privacy tools. Administrators can export or erase a user’s login data via Tools → Export Personal Data and Tools → Erase Personal Data.

What happens if a user is at their limit and tries to log in?

They see the custom block message on the login screen and their login is rejected. The blocked attempt is logged in their history.

Can I change the session limit per user?

Yes. Each user in the block list has their own configurable session limit. You can update it from the Block Users table or from the User Details page.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Vegestic – Users Login Limit” is open source software. The following people have contributed to this plugin.

Contributors
  • vegesticsolutions

Translate “Vegestic – Users Login Limit” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.1

  • Security: Geo-location transients are now only created for valid, publicly routable IP addresses. Private, reserved, and localhost IP addresses are resolved as “Local Network” without writing a transient, preventing any transient-flooding vector via spoofed request headers.
  • Improvement: Reduced geo-location transient lifetime from 24 hours to 12 hours, limiting stale cache exposure while preserving the lookup-reduction benefit.
  • Compliance: Updated ipwho.is and freeipapi.com third-party legal URLs to their current canonical forms in the readme.

1.0.0

  • Initial public release.
  • Session limiting per user with configurable limit.
  • Login history tracking (up to 50 records per user).
  • IP address logging on each login event.
  • Location detection via free public geo-IP APIs (ipapi.co, ipwho.is, freeipapi.com, ip-api.com).
  • Active sessions view with force-logout option.
  • Custom login block message editor.
  • CSV export of login history.
  • GDPR-compliant privacy data exporter and eraser.
  • Full i18n support with translatable strings.

Meta

  • Version 1.0.1
  • Last updated 8 hours ago
  • Active installations Fewer than 10
  • WordPress version 5.8 or higher
  • Tested up to 7.0
  • PHP version 7.4 or higher
  • Language
    English (US)
  • Tags
    concurrent loginloginsecuritysessionsuser management
  • Advanced View

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

  • vegesticsolutions

Support

Got something to say? Need help?

View support forum

  • About
  • News
  • Hosting
  • Privacy
  • Showcase
  • Themes
  • Plugins
  • Patterns
  • Learn
  • Support
  • Developers
  • WordPress.tv ↗
  • Get Involved
  • Events
  • Donate ↗
  • Five for the Future
  • WordPress.com ↗
  • Matt ↗
  • bbPress ↗
  • BuddyPress ↗
WordPress.org
WordPress.org

Testing Rosetta

  • Visit our X (formerly Twitter) account
  • Visit our Bluesky account
  • Visit our Mastodon account
  • Visit our Threads account
  • Visit our Facebook page
  • Visit our Instagram account
  • Visit our LinkedIn account
  • Visit our TikTok account
  • Visit our YouTube channel
  • Visit our Tumblr account
Code is Poetry.
The WordPress® trademark is the intellectual property of the WordPress Foundation.