Nice plugin. I found a few issues with the current version.
1. If the wp-content directory is moved, your initial server tests fail as they were expecting that hard coded directory in the script. I'm sure there is a way to reference the variable defined in the configuration instead.
2. If mod-rewrite is setup to form clean urls for wordpress, the login system won't work as all requests get returned to WordPress directly it seems, so I never get the html login pop-up and just get a wordpress 404 error page.
I had to:
Add a file (of any name), which I called error.html and I placed that in the primary site directory (root). The file was completely empty.
I then added these two lines to the main .htaccess file for the site:
ErrorDocument 401 /error.html
ErrorDocument 403 /error.html
I don't exactly know why it works at this point, but it does. Now I have the plugin functioning 100% with protecting the wp-admin directory and the wp-login.php file.
Thanks for the nice plugin.