Skip to content

Admin Login Alerts

Admin Login Alerts emails you when someone with administrator access (manage_options) signs in - useful for spotting unfamiliar access without watching the site 24/7.

Requires an active WP PowerSuite license.

When enabled and at least one recipient email is saved, it:

  • Sends an alert after a qualifying admin login (password login, custom login URL, and PowerSuite 2FA flows by default).
  • Optionally covers magic links, OAuth, and temporary logins.
  • Skips WooCommerce customer storefront account logins.
  • Supports quiet IPs, custom IP headers (e.g. behind Cloudflare), optional ipwho.is geo lookup, user-agent hints, and a per-user/IP cooldown.

Emails never include passwords, cookies, or session tokens.

Enable it if:

  • You want a paper trail for admin access on production sites.
  • Agencies need ops mailboxes notified when client admins sign in.
  • You’re pairing it with 2FA and want a second signal for unexpected logins.

Open Settings under WP PowerSuite -> Modules -> Admin Login Alerts:

Setting Purpose Default
Email addresses (emails) Comma-separated recipients. Invalid addresses dropped on save. Blank (required for alerts)
Never mail for these IPs (exclude_ips) One per line or comma-separated; * wildcards allowed once per octet cluster. Blank
Custom IP header (ip_header) Optional server header (e.g. HTTP_X_REAL_IP). Defaults to Cloudflare CF-Connecting-IP when present, else REMOTE_ADDR. Spoofable X-Forwarded-For is blocked. Blank
Include browser / device hint (include_user_agent) Adds user-agent to the email. On
Approximate location lookup (geo_lookup_enabled) Uses ipwho.is. Off
Magic links, OAuth, and temporary logins (notify_alternate_logins) Also alert on those auth paths. On
Strict password-login only (strict_login_detection) Ignore non-wp-admin redirects. Off
Cooldown (minutes) (throttle_minutes) Per user + IP; 0 = no cooldown (max 60). 5

Use Send test email in settings after saving recipients.

  1. Confirm an active license.
  2. WP PowerSuite -> Modules -> Admin Login Alerts - turn on.
  3. Open Settings, add recipient emails, adjust quiet IPs / detection, save.
  4. Optionally send a test email.
  1. Save a recipient you can read.
  2. Log out, then sign in as a user with manage_options. ✅ Working: alert arrives (after cooldown rules).
  3. Sign in from an excluded IP (if configured) - no mail.
  4. Use Send test email to verify delivery without a full logout cycle.
  • No emails. Module off, license invalid, empty emails, IP excluded, or still inside cooldown. Check spam and that wp_mail works on the host.
  • Too many emails. Raise Cooldown, add office IPs to exclude, or turn off alternate-login notifications.
  • Wrong IP in the email. Set Custom IP header for your proxy, or rely on Cloudflare’s connecting IP when present.
  • Geo blank. Enable geo lookup and allow outbound HTTPS to ipwho.is.
Who triggers Admin Login Alerts?

Users who can manage_options (typically administrators). WooCommerce customer storefront logins are skipped.

Does it email for Magic Login or OAuth?

Yes when Magic links, OAuth, and temporary logins is enabled (on by default).

What is in the alert email?

Username, role, date/time, IP, and optional location or browser hint. Passwords and session tokens are never included.

How do I stop alerts from my office IP?

Add the IP (or a pattern like 203.0.113.*) under Never mail for these IPs.

Developer notes (hooks & filters)

Source: modules/login-email-notification/module.php. Boot: standard. Contexts: frontend, ajax, login. License required.

  • wp_login (priority 99) for password logins.
  • wp_powersuite_magic_login_authenticated, wp_powersuite_oauth_login_completed, tl_after_login_success for alternate paths when notify_alternate_logins.
  • Capability check defaults to manage_options (filterable in code).
  • Skips likely WooCommerce account/storefront logins.
  • Geo via ipwho.is when geo_lookup_enabled.
  • Throttle: transient per user + IP, throttle_minutes 0-60.