WordPress Plugin to hide login and admin URLs when not logged into WordPress.
Lockdown WP Admin conceals the administration and login screen from intruders. It can hide WordPress Admin (/wp-admin/) and and login (/wp-login.php) as well as add HTTP authentication to the login system. We can also change the login URL from wp-login.php to whatever you'd like: /login, /log-in-here, etc.
This plugin will hide WordPress Admin (/wp-admin/) when a user isn't logged in. If a user isn't logged in and they attempt to access WP Admin directly, they will be unable to and it will return a 404. It can also rename the login URL.
Also, you can add HTTP authentication directly from WP Admin and add custom username/password combinations for the HTTP auth or use the WordPress credentials.
This doesn't touch any .htaccess files or change the WordPress core files. All the CSS/Images under /wp-admin/ are still accessible, just not the .php ones.
If you enable HTTP authentication, it will add HTTP authentication to the PHP files in /wp-admin/.
/lockdown-wp-admin/
to the /wp-content/plugins/
directoryComposer is not required to be setup for installation of this plugin! It is simply used for development purposes to provide unit testing.
How can we add files to the white list to hide from the public eye? We want to have AJAX and use a custom file, but we can't because it hides it from the public.
You can add a file using the 'no_check_files' filter. Use this:
<?php
function add_my_cool_filter($data)
{
// You have to accept the $data argument or else it will cause a system meltdown ;)
$data[] = 'my-file-name.php'; // JUST the file name.
return $data;
}
add_filter('no_check_files', 'add_my_cool_filter');
?>
Simple.
How can I get back in if Lockdown WP Admin locked me out?
You can create a .txt file named 'disable_auth.txt' in your wp-content/plugins/lockdown-wp-admin/
folder (The file location would be /wp-content/plugins/lockdown-wp-admin/disable_auth.txt
). We don't care about the content but that will disable the HTTP Auth and whatever was locking you out of your site.
1.0
1.0.1
1.1
1.2
1.3.1
1.4
= 1.4.2 =
admin-ajax.php
to the files that we permit to be access in wp-admin.1.6
1.7
1.8
1.9
A very late update, sorry! Worked to fix many issues with the admin bar and the "get_current_screen()" error. If you still see issues, please contact me!
2.0
get_current_screen()
)2.0.1
2.0.2
2.1
2.2
Lockdown_Manager
at all, you should basically check the class anew since it was seperated into Admin and Application services.2.3