Thank you for sharing your concerns. Limit Login Attempts Reloaded is trusted by nearly 3 million websites worldwide, including some of the largest WordPress websites in the world. The plugin would not have grown to this level if it were manipulating fake login attempts.
Many website owners are unaware of the sheer volume and frequency of brute-force attacks targeting WordPress sites. It can be surprising when they first see the data, but these attacks are a real and widespread issue that security tools help mitigate.
In rare cases, an incorrect hosting setup can trigger illegitimate login attempts that may appear misleading. We discuss this in detail in our guide here: https://www.limitloginattempts.com/blogs/guides/could-these-failed-login-attempts-be-fake/
If you believe there’s an issue with your setup, we’d be happy to troubleshoot and help you better understand what’s happening. Feel free to reach out to our support team.
Best,
LLAR Team
