Title: CoxWall Author: themelooks Published: June 12, 2026 Last modified: June 12, 2026 --- Search plugins ![](https://ps.w.org/coxwall/assets/banner-772x250.png?rev=3570395) ![](https://ps.w.org/coxwall/assets/icon-128x128.gif?rev=3570391) # CoxWall By [themelooks](https://profiles.wordpress.org/themelooks/) [Download](https://downloads.wordpress.org/plugin/coxwall.1.0.0.zip) * [Details](https://wordpress.org/plugins/coxwall/#description) * [Reviews](https://wordpress.org/plugins/coxwall/#reviews) * [Installation](https://wordpress.org/plugins/coxwall/#installation) * [Development](https://wordpress.org/plugins/coxwall/#developers) [Support](https://wordpress.org/support/plugin/coxwall/) ## Description CoxWall is a powerful and lightweight WordPress security plugin designed to protect your website from modern security threats, brute-force attacks, malware attempts, and unauthorized access. It provides advanced security tools including firewall protection, login hardening, security headers, file integrity monitoring, WooCommerce security, and detailed audit logging — all in an easy-to-use interface. Whether you run a blog, business website, membership platform, or WooCommerce store, CoxWall helps keep your WordPress site secure and protected in real time. **Key Features:** * **Login Protection** – Limit login attempts per IP, lock out attackers, and receive email alerts. * **Hide Login** – Move your login URL away from the default `wp-login.php`. * **CAPTCHA** – Google reCAPTCHA v2 / v3 on login, registration, and WooCommerce forms. * **Firewall** – Block SQLi, XSS, directory traversal, malicious bots, and XML- RPC abuse. * **Security Headers** – Set X-Frame-Options, CSP, HSTS, Referrer-Policy, and more. * **File Integrity** – Detect changes to WordPress core and plugin files. * **WooCommerce** – Extra security for WooCommerce stores. * **Audit Log** – Full event log with IP, user, and timestamp for every security event. **Why Choose CoxWall?** * Lightweight and performance-friendly * Beginner-friendly setup * Modern security protection * WooCommerce compatible * Advanced firewall system * Detailed security logging * Real-time protection and monitoring **CoxWall** helps you secure your WordPress website with enterprise-level protection while keeping the setup simple and user-friendly. **Features:** * **Login Protection** * **Hide Login URL** * **Google reCAPTCHA v2 / v3** * **Firewall Protection** * **SQL Injection (SQLi) Blocking** * **XSS Attack Protection** * **Directory Traversal Protection** * **Malicious Bot Blocking** * **XML-RPC Protection** * **Security Headers Management** * **Content Security Policy (CSP)** * **HSTS Support** * **Referrer Policy Protection** * **File Integrity Monitoring** * **Core File Change Detection** * **Plugin File Change Detection** * **WooCommerce Security** * **Audit Log System** * **IP Activity Logging** * **User Activity Tracking** * **Real-time Security Alerts** * **Email Notifications** * **Brute-force Protection** * **Login Attempt Limiting** * **IP Lockout System** * **Malware Defense** * **Website Hardening** * **Real-time Monitoring** * **WordPress Security Suite** ### External services This plugin optionally connects to the following third-party / external services. Each service is only contacted when its corresponding module is enabled and the described conditions are met. #### Google reCAPTCHA (Google LLC) **What it is and what it is used for:** Google reCAPTCHA is a bot-detection service. CoxWall uses it to protect the WordPress login, registration, lost-password, comment, and WooCommerce My Account forms from automated attacks. **What data is sent and when:** When the CAPTCHA module is enabled, two types of requests are made to Google: 1. _Front-end (page load)_ – the visitor’s browser loads the reCAPTCHA JavaScript library directly from Google’s CDN (`www.google.com`). Google receives the visitor’s IP address, browser and device information, and the site’s public reCAPTCHA site key. 2. _Back-end (form submission)_ – when a visitor submits a protected form, the plugin sends the reCAPTCHA response token, the site’s secret key, and the visitor’s IP address to Google’s verification endpoint (`www.google.com/recaptcha/api/siteverify`) to confirm the response is valid. No data is sent if the CAPTCHA module is disabled or if no reCAPTCHA site/secret key has been configured. **Service provider links:** * Terms of Service: https://policies.google.com/terms* Privacy Policy: https://policies.google.com/privacy * reCAPTCHA-specific information: https://developers.google.com/recaptcha #### WordPress.org Core Checksums API (WordPress.org) **What it is and what it is used for:** The WordPress.org Checksums API provides official MD5 hashes for every file in each WordPress core release. CoxWall’s File Integrity module uses these hashes to detect unauthorized modifications to core files. **What data is sent and when:** When a file integrity scan runs (manually triggered or on schedule), the plugin sends a GET request to `https://api.wordpress.org/core/ checksums/1.0/` containing: * The installed WordPress version number. * The site’s configured locale/language. No personal data, user data, or site content is transmitted. The request retrieves a publicly available checksum list. **Service provider links:** * Privacy Policy: https://wordpress.org/about/privacy/* API documentation: https://codex.wordpress.org/WordPress.org_API ## Screenshots [[ [[ [[ [[ ## Installation 1. Upload the `coxwall` folder to `/wp-content/plugins/`. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Navigate to **CoxWall Dashboard** to configure. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “CoxWall” is open source software. The following people have contributed to this plugin. Contributors * [ themelooks ](https://profiles.wordpress.org/themelooks/) [Translate “CoxWall” into your language.](https://translate.wordpress.org/projects/wp-plugins/coxwall) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/coxwall/), check out the [SVN repository](https://plugins.svn.wordpress.org/coxwall/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/coxwall/) by [RSS](https://plugins.trac.wordpress.org/log/coxwall/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.0 * Initial release. ## Meta * Version **1.0.0** * Last updated **2 days ago** * Active installations **Fewer than 10** * WordPress version ** 6.8 or higher ** * Tested up to **7.0** * PHP version ** 8.0 or higher ** * Tags * [Brute Force](https://wordpress.org/plugins/tags/brute-force/)[firewall](https://wordpress.org/plugins/tags/firewall/) [login protection](https://wordpress.org/plugins/tags/login-protection/)[malware](https://wordpress.org/plugins/tags/malware/) [security](https://wordpress.org/plugins/tags/security/) * [Advanced View](https://wordpress.org/plugins/coxwall/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/coxwall/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/coxwall/reviews/) ## Contributors * [ themelooks ](https://profiles.wordpress.org/themelooks/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/coxwall/)