Shield WP Admin is a lightweight yet powerful plugin designed to enhance the security of your WordPress admin area. With an easy-to-use interface and essential protection tools, it helps safeguard your site against common threats and vulnerabilities.
Key Features:
-
Custom Admin Login URL
Hide or customize the default/wp-login.phpURL to prevent unauthorized login attempts. -
Limit Login Attempts
Protect against brute-force attacks by limiting failed login retries. -
Google reCAPTCHA Integration
Add reCAPTCHA to the login screen to block bots and automated scripts. -
Disable XML-RPC
Prevent exploitation via XML-RPC by disabling its access entirely. -
Disable File Editor
Block access to the theme and plugin file editor in the WordPress dashboard. -
Hide WordPress Version
Conceal your WordPress version from source code to reduce exposure to targeted attacks. -
Force HTTPS Redirection
Redirect all HTTP requests to HTTPS to ensure secure access. -
Disable Pingbacks & Trackbacks
Protect your site from spam and DDoS attacks by disabling pingbacks and trackbacks. -
IP Blacklisting
Block specific IP addresses directly from the admin panel to protect the site. -
Admin Login Form Logo Change
You can change the logo of admin login form.
Why Shield WP Admin?
Whether you』re a developer or a site owner, Shield WP Admin provides a smart, flexible solution to strengthen your WordPress backend—without bloating your site or overwhelming your dashboard.
External Services
This plugin uses Google reCAPTCHA to protect the admin login from automated brute-force attacks.
- Service Used: Google reCAPTCHA
- Service Domain: https://www.google.com/recaptcha
- Purpose: Used to verify that the user is human, preventing spam or Brute-force attacks on admin login protected by the plugin.
- What Data is Sent: When a user interacts with a reCAPTCHA-protected form, their interaction (including IP address, user agent, and possibly cookies) is sent to Google』s reCAPTCHA service for validation and verification.
- When Data is Sent: This data is transmitted to Google when the form is loaded (due to the JS script) and again when the form is submitted.
- Service Provider: Google
- Terms of Service: https://policies.google.com/terms
- Privacy Policy: https://policies.google.com/privacy
