Brute Force Login Protection can be found/downloaded here:
https://wordpress.org/plugins/brute-force-login-protection/
Here they are major features:
- Limit the number of allowed login attempts using normal login form/Auth Cookies
- Manually block/unblock/(whitelist trusted) IP addresses
- Delay execution after a failed login attempt (to slow down brute force attack)
- Option to inform user about remaining attempts on login page
- Option to email administrator when an IP has been blocked
- Custom message to show to blocked users
about plugin installation it is decisevely straight:
1. Install the plugin either via the WordPress.org plugin directory, or by uploading the files to your wp-content/plugin directory.
2. Activate the plugin through the WordPress admin panel.
3. Customize the settings on the settings page.
