跳到內容
  • 關於 WordPress
    • 關於 WordPress
    • WordPress.org 香港中文
    • 線上說明
    • 技術支援
    • 意見反應
  • 登入
  • 註冊
WordPress.org
WordPress.org

Hong Kong 香港中文

  • 佈景主題
  • 外掛
  • News
  • Support
  • About
  • 重要通知
  • WordPress 常見問題
  • 團隊
  • 取得 WordPress
取得 WordPress

外掛

  • 我的收藏
  • Beta測試
  • 開發者
下載

Hide login page, Hide wp admin – stop attack on login page

由Webcraftic
  • 詳情
  • 評價
  • 安裝
  • 支援
  • 開發

描述

This simple and light plugin safely rename wp-login.php and closes access to the WordPress admin panel. The plugin does not change the code of your site, does not rename files and does not make any changes to your server configuration. It can intercept admin pages requests, which means that it can work on any WordPress site, regardless of your server.

There are several levels of security in the plugin. When changing the login page you will receive an email with an access recovery link if you forget the login page address. In addition, the plugin will take care that your posts and pages addresses do not intersect with the new login page address, since if the addresses are the same, the login page will be looped.

Why you should hide WP admin and Hide my WordPress?

Dozens of bots daily attacks your WordPress admin area at /wp-login.php and /wp-admin/, brute force passwords and wanting to access your admin panel. Even if you are sure that you have created a hard and reliable password, this does not guarantee security and does not relieve your login page overload. The easiest way to hide login page is simply change its address to a unique one that will be known only to you.

FEATURES

  • Hide wp-login.php, wp-signup.php and block access
  • Hide wp admin directory and block access
  • Allows you to rename login url
  • Works with permalinks and without
  • There is an opportunity to restore access to hidden login page

Functions related to authorization, such as registration, password recovery, registration confirmation will continue to work in usual mode.

If you are using a cache plugin, you should add your new login URL prefix in the stop caching list.

The wp-admin directory and the wp-login.php page will be unavailable, so it’s important to create a bookmark or remember new custom login page url. Deactivating this plugin will return your site to its previous usual state.

THANK FOR THE PLUGINS’ AUTHORS

We used some plugins features:
WPS Hide Login, WP Hide & Security Enhancer, Hide My WP – WordPress Security Plugin, Easy Hide Login, Hide WP Admin and Login – WordPress Security, Clearfy – WordPress optimization plugin and disable ultimate tweaker, Rename wp-login.php

RECOMMENDED SEPARATE MODULES

We invite you to check out a few other related free plugins that our team has also produced that you may find especially useful:

  • Clearfy – WordPress optimization plugin and disable ultimate tweaker
  • WordPress Assets manager, dequeue scripts, dequeue styles
  • Disable Comments for Any Post Types (Remove Comments)
  • Disable updates, Disable automatic updates, Updates manager
  • Disable admin notices individually
  • Cyrlitera – transliteration of links and file names

螢幕截圖

  • Control panel

安裝

  1. Upload the plugin files to the /wp-content/plugins/plugin-name directory, or install the plugin through the WordPress plugins screen directly.
  2. Activate the plugin through the ‘Plugins’ screen in WordPress
  3. Go to the general settings and click on the “Hide login page” tab, activate the options and save the settings.

常見問題

Does the plugin work in multisite mode?

No, plugin does not support multisites. It is temporary. We will try to add network support in the future.

I forgot the login page address, what should I do?

Method 1:
Go to your mailbox and find a letter with the subject “[Hide login page] Your New WP Login” and follow the link to restore login access.

Method 2:
Find in the database in the wp_options table option named wbcr_hlp_login_path, wbcr_hlp_hide_login_path, wbcr_hlp_hide_wp_admin, wbcr_hlp_cache_options and delete them.

Method 3:
Remove hide-login-page plugin from /wp-content/plugins directory. Log in and re-install the Hide login page plugin.

How to access the registration and password recovery page?

After changing the login page URL, the registration and password recovery page addresses will be as follows:
http://site.com/login?action=register and http://site.com /login?action=lostpassword

評價

TOPS

rlgordonjr 2022年5月22日
Excellent security from Clearfy/Webcraftic THANKS UPDATE: 5/22/22 We keep going back to this company. We're glad they're still around! see our comments on their Clearfy + Disable Comments. Bob + Steph Fox ";-) n Kitty {';-D

Disappointed

Amanda 2020年12月25日
I don't recommend this plugin to anyone. Firstly, as explained by another user in the support forum, it is possible for a hacker to circumvent this and all other plugins of this type if they use Firefox. So if none of the hackers that know this happen to target your site, you'll be fine, but it is highly probable that you will still be targeted by brute-force attacks. You'll get fewer of them, but won't eliminate them. As if that isn't bad enough, after using this plugin for a while, both the default login page and the custom one generated by this plugin returned a 404, locking me out of my admin panel. I had to manually delete or rename the plugin folder in my file manager in order to regain access. No plugin is worth that kind of a headache, particularly if it isn't even blocking all attacks to begin with. Aside from all that is the fact that this plugin receives absolutely zero support. Check the support forum and you will easily see that the developer has never responded to anything, ever. So, if it happens to work for you, great. But it probably won't, and if it doesn't, you will get absolutely no help. Just use a good password and maybe throw in a plugin like Limit Login Attempts or Wordfence or something of that nature.

Thank You

briannie 2020年10月18日
I already have "limit login attempts" installed along with "two factor login" but that doesn't stop hackers from trying. They get logged out after three attempts but then a change of IP address and they try again. So far today in the 15 hours since midnight I've had 166 logouts on one of my sites. Each time I get an email advising me. I've just installed this plugin and it's all stopped. How about that!! I must confess I was concerned about the install just in case something went wrong but all is well. Any author who is willing to offer their expertise free of any formal charge is to be commended. Thank you very much. I only think it's a pity the author does not acknowledge and respond to the one or two people who ask for assistance but from me it's five stars. EDIT I guess it either works and gets five stars or it doesn't and gets one star. Despite having changed my login address to something "unguessable" and known only to me, a hacker has found the login page. This is not the first time. I reported this in a support thread some while ago and the author claimed it was not possible. I can only say the author needs to look again as right now this plugin has a security flaw that somehow allows a hacker to penetrate it. Perhaps because it's not been updated for some while and needs some further attention. Pity as it was doing so well.

VVery good plugin

AviBadash 2019年9月23日
VVery good plugin Thank you

Супер

mfwriter 2019年1月10日
то что нужно, гораздо меньше попыток взлома.

Simple to use

newtom 2018年10月22日
Nice addition to Clearfy. Works!
閱讀全部8個評價

貢獻者及開發者

“Hide login page, Hide wp admin – stop attack on login page” 是一個開源的軟體。以下的人對這個外掛作出了貢獻。

貢獻者
  • webcraftic

Hide login page, Hide wp admin – stop attack on login page 外掛目前已有 1 個本地化語言版本。 感謝所有譯者為這個外掛做出的貢獻。

將 Hide login page, Hide wp admin – stop attack on login page 外掛本地化為台灣繁體中文版。

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄。

修改日誌

1.1.6 (30.05.2022)

  • Added: Compatibility with WordPress 6.0

1.1.5 (24.03.2022)

  • Added: Compatibility with WordPress 5.9

1.1.4 (20.10.2021)

  • Added: Compatibility with WordPress 5.8
  • Fixed: Minor bugs

1.1.2

  • Fixed: Redirect to 403

1.1.1

  • Fixed: Settings were lost after update

1.1.0

  • Added: Compatibilities with Titan Security plugin
  • Added: Added compatibility WordPress 5.4

1.0.8

  • Fixed: Added compatibility with ithemes sync

1.0.7

  • Fixed: Compatibility with W3 total cache

1.0.6

  • Fixed: Update core framework
  • Fixed: When you enter https://site.dev/login, you could open the login form. Now it is impossible to do.
  • Added: Compatibility with Clearfy 1.4.2
  • Added: Multisite support ready

1.0.5

  • Fixed: Update core framework

1.0.4

  • Fixed: Menu bug

1.0.3

  • Fixed: When requesting the wp-register.php page, a redirect to the hidden login page.

1.0.2

  • Fixed: In some themes working with Woocommerce, there were php errors when trying to request a wp-admin page.
  • Update core

1.0.1

  • Fix smull bugs

1.0.0

  • Plugin release

其它

  • 版本:1.1.6
  • 最後更新:1 個月之前
  • 運作中的安裝:30,000+
  • WordPress Version: 5.2 or higher
  • 已測試到版本:6.0
  • PHP Version: 7.0 or higher
  • 語言:

    English (US) 及 Russian.

    翻譯成你的語言

  • 標籤:
    hide loginhide wp-adminrename loginrename login url
  • 進階顯示

評分

顯示全部
  • 5星 6
  • 4星 0
  • 3星 0
  • 2星 0
  • 1星 2
Log in to submit a review.

貢獻者

  • webcraftic

支援

最近兩個月解決了的問題:

1個中的0個

檢視支援論壇

捐贈

想要支援這個外掛的發展嗎?

贊助這個外掛

  • 關於我們
  • 最新消息
  • 寄存
  • 贊助基金會
  • 技術支援
  • 開發者資源
  • 共同參與
  • Learn
  • 展示網站
  • 外掛
  • 佈景主題
  • 區塊版面配置
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • 隱私權
  • Public Code
WordPress.org
WordPress.org

Hong Kong 香港中文

  • 訪問我們的 Facebook 專頁
  • 訪問我們的 Twitter 帳戶
代碼就是詩歌。