What Is The Offense Limit Option?

The Offense Limit option lets you control how many times a visitor may trip one of the security plugin's defenses before being blocked by the plugin altogether.

We only monitor actions taken that trigger the Shield plugin itself. The following actions will result in an increase in the offenses counter:

• Attempt to login with an invalid username/password combination
• Any attempt to login while the login cooldown system is in-effect
• Any login attempt that trips the Bot Login protection system
• Any login attempt with a username that doesn't exist
• Any attempt to access /wp-admin/, /login/, or wp-login.php while the Hide WP Login Page setting is active
• Any comment that gets labeled as SPAM by the plugin
• Failed attempt to authenticate with the plugin's Security Admin system
• Any trigger of a Firewall block rule

A black mark is set against an IP address each time a visitor trips the defenses of the Shield plugin. When the number of these offenses exceeds the specified limit, they are automatically blocked from accessing the site.

To configure Offense Limit option in Shield, you may go to the main sidebar menu > Configure > Bots and IPs > Automatic IP Blocking. Here, you can set the offense limit by entering the number into the Offense Limit option field.

Access to Offense Limit option

If you want to turn off the fully Automatic IP Black List system, set this to "0".

Lets' say a visitor tries to log in with a wrong username and password. That counts as 1 offense. They then try to post a comment that triggers Shield's Spam Protection, bringing them to 2 offenses. Next, they attempt to load a page that doesn't exist, triggering Shield's 404 detection. That's 3 offenses, and so on...

If the visitor keeps triggering security rules, whether by repeating the same action or setting off different protections, their offense count keeps climbing. Once they exceed your set Offense Limit, Shield blocks them from accessing your site completely. At that point, the Auto Block Expiration timer starts, and the block is managed automatically from there.

The Bots & IP Rules table will show the current status of the blocked IP at a glance. You can see the IP address, the total number of offenses recorded, and the block status. Use this table to quickly check whether an IP is fully blocked or not.

Example: Bots & IP Rules table showing an IP with 5 offenses, not yet blocked

Note: Bots & IPs feature also gives you the ability to manage blacklisted and whitelisted IP addresses.