I was desperately looking for a plugin like this one since it looks like there are not a "standard" way to hide wp-admin or wp-login from any visitor who type yoursite.com/wp-admin.
The problem is that I don't understand how this plugin work.
The plugin works for when you aren't logged in, and you will get a 404. But what happens if I want to login as admin from another device, or the session was closed on my browser...will I have to manually upload the .txt file to disable it then log in and then delete the txt from the server?
Even if this work like this, I'd be able to do on my own site, but it's not practical if I use with a client site for example? I mean I will need to deactivate it to bring them access and then remove the txt each time they need to log in?
Maybe I'm not understanding this very well and I wanted to ask you.