Lockdown WP Admin conceals the administration and login screen from intruders. It can hide WordPress Admin (/wp-admin/) and and login (/wp-login.php)
Very good and nice plugin, Please update it time to time, However it compatible with WP 4.0, Thanks once again Sean Fisher :)
It's really easy to use and customize.
I was using iThemes Security and it caused so many problems. This plugin did the trick without the headaches.
I was skeptical at first of using this due to low # of users giving feedback, but after having locked out of using 2 other free hide-url plugins, I tried this one. And this works perfectly with Wordfence or Rublon.
FYI, I previously only installed Wordfence 2-step authentication, but still kept getting bot attacks daily & the last resort was I couldn't even login into my account because my host temporarily shuts down my site due to the high frequency of the attacks. I kept searching for a simple custom login url (since I already have other security plugins).
Glad I found this! Thank you.
I use this plugin on all the websites I administer. This has cause lots and lots of 404's on my login pages and less headache for me. My login url is now a secret in its own, triple protection equals a username that is not admin or any user name on the site + a strong password + a hidden login url. I am thankful for plugins like this. Thank you very much for a very effective plugin!
This plugin is easy to install and set up, and works great.
With all the hack-rats out there running bots that scan for WP-Login and WP-Admin so they can start pounding sites with brute force attacks and sql injection attempts targeted at the login screen, you can save yourself a massive layer of headaches and alleviate some pressure on your server with this one simple, elegant little plugin. I've been installing it on all the 3.9+ sites I manage, and it works like a charm. I'll add that it doesn't interfere with WordFence security (I'm not sure about other firewalls), and the two working together in combination go a long way toward hardening your site against the most common attacks.
The one incompatibility I've noticed is with Woo Commerce, but it's not a deal-breaker. On the WooCommerce sites I run, when Lockdown redirects from WP-Login or WP-Admin to a 404 Page Not Found page, some php errors get thrown and the css breaks. This can be partially remedied by making sure you're not showing php errors (there are good instructions for this in the WP Codex), but it should eventually be addressed by the developer. Sean, any chance you might take a look at this sometime soon?
Easy-to-use and works like an e-deadbolt!
Another plugin that should be integrated as part of WP core!!!
I've been using the "Limit Login Attempts" plugin for the past 3~ years, along with various .htaccess files.
Last week I put a new theme online, replacing my first.
Started a new database, better permalink and no more Year/Month folders.
Installed this plugin about 4 months ago, on my old site. It has made my login screen completely invisible and hidden - from any person who is on the internet.
NSA notwithstanding... :)
There seems to be a fair number of plugins, that try to handle similar issues, but this is a major security solution.
One could just about go back to using Admin and Password - to login again... :)
PS: I've been going to cPanel a fair amount lately and doing stuff in phpMyAdmin. But a few days ago I was looking at the cPanel options and happened to see the File Manager. This was going to be my first time using it.
Checked out all the folders. Most were empty. There were a couple which were related to 'mail' and they were NOT empty.
Looked inside and discovered that there were thousands and thousands of notices of hack attempts - which were generated by the "Limit Login Attempts" plugin. The average was maybe 300/day (12 per hour). This data went back about 3 years. And apparently ended when I started to use this "Lockdown WP Admin" plugin.
It then took over two hours - to slowly go thru all this historical data and select a group, press Delete, and then wait for the slow Refresh. And on and on - it went. Finally all of those entries were removed...
Who knew... !
This plugin does exactly what I wanted! HTTP auth is a bonus. Highly recommended!