Description
The WPS Protect: Login URL & Security Headers plugin enhances your WordPress site security with multiple layers of protection. It provides a comprehensive solution for securing your WordPress installation through custom login URL protection, advanced security headers, and SSL enforcement.
Key Features:
-
Custom Login URL Protection
- Change and hide the default WordPress login URL
- Protect against brute force attacks
- Maintain compatibility with wp-admin access
-
Advanced Security Headers
- X-Frame-Options: Prevent clickjacking attacks
- X-XSS-Protection: Enable browser’s XSS filtering
- X-Content-Type-Options: Prevent MIME-type sniffing
- Content-Security-Policy (CSP): Control resource loading
- Permissions-Policy: Control browser features and APIs
- Strict-Transport-Security (HSTS): Enforce HTTPS
- Referrer-Policy: Control referrer information
- Access-Control-Allow-Origin: Manage CORS policies
-
SSL Enforcement
- Force HTTPS across your site
- Secure cookie handling
- Mixed content protection
-
User-Friendly Interface
- Tab-based admin interface
- Easy configuration of all security features
- Recommended values for security headers
- Real-time feedback on settings changes
Installation
- Upload the plugin files to the
/wp-content/plugins/wordpress-securitydirectory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress.
- Use the WPS Protect menu in the WordPress Admin Dashboard to configure the plugin.
FAQ
-
What happens if I forget the new login URL?
-
If you forget the new login URL, you can access your WordPress database and modify the
wpsplu_optionsoption. Alternatively, you can deactivate the plugin through FTP or the database to restore the default login URL. -
Will this plugin interfere with other security plugins?
-
No, the WPS Protect: Login URL & Security Headers plugin is designed to work alongside other security plugins. However, if you’re using another plugin that modifies security headers, you should configure them to avoid conflicts.
-
How do I know if the security headers are working?
-
You can verify the security headers using online tools like SecurityHeaders.com or by checking your site’s response headers using browser developer tools.
Avis
Il n’y a aucun avis pour cette extension.
Contributeurs/contributrices & développeurs/développeuses
« WPS Protect: Login URL & Security Headers » est un logiciel libre. Les personnes suivantes ont contribué à cette extension.
Contributeurs
Traduisez « WPS Protect: Login URL & Security Headers » dans votre langue.
Le développement vous intéresse ?
Parcourir le code, consulter le SVN dépôt, ou s’inscrire au journal de développement par RSS.
Journal des modifications
1.1
- Added Permissions-Policy header support
- Improved Content-Security-Policy configuration
- Enhanced login URL handling
- Added tab-based admin interface
- Fixed wp-admin access issues
- Updated security headers with recommended values
1.0
- Initial release with basic security features