Plugin Features

Protect your WordPress site against all malware and hackers attacks.

Hide your website identity from any attack such as XSS, XSRF, SQL Injection, brute-force, etc.

No file and directory change!

No file and directory is being changed anywhere, everything is processed virtually! The plugin code use URL rewrite techniques and WordPress filters to apply all internal functionality and features. Everything is done automatically, there's no user intervention require at all.

100% compatible with other Plugins & Themes

Compatible with any WordPress plugins and themes, once deployed it will not break any functionality or features other codes provide to your site.

Compatible with any host / server

Tested and 100% compatible with different hosting server configuration basted on Linux and Windows operating system.

Custom login URL

All sites receive hits on login page with boots trying brute force attempts, requiring a high processing CPU power due to number of attempts. This conclude to a global site speed decrease and response time. Blocking default login URL, boots will hit just a 404 error page which is being cached, so no resurce is being used.

Individual Plugin URL customization

Change Plugins Folder path and individual plugin url with custom data. Optionally block default urls from being accessible from outside.

Meta clean-up

HTML Meta clean-up for Meta Generator, wlwmanifest, feed_links, rsd_link, adjacent_posts_rel, profile link, canonical link

PHP mod_rewrite and web.config compatible

Seamless integration with existing Apache mod_rewrite or IIS web.config PHP extensions to provide fast and efficient URL's changes.

Default WordPress directories change

Change and block default WordPress directories such as wp-content, wp-include, wp-admin. The new URL's are perfectly safe to be used along existing active theme and plugins. Everything is achieved virtually, no actual folder name is being changed.

Theme url change and clean-up

Theme and child theme styles clean-up and headers remove, to prevent display of theme name, version, author etc No one will know it's a WordPress theme

HTML clean-up

Clean up HTML comments produced by plugins or theme, WordPress core auto-generated classes as page-template-x, format-x, wp-image-x, etc for body, post, images etc

XML-RPC API control

Full control over XML-RPC API by changing and block default xml-rpc.php path, disable XML-RPC authentication, remove pingback


JSON REST V1 and V2 API control by disable or block the default url. Disable output the REST API link tag into page header, Disable JSON REST WP RSD endpoint,

Block access to default core files.

Block direct access to any of WordPress root files as license.txt, wp-load.php, wp-settings.php. Individual file access/ restrict is available.

Resources HTML output change

Emoji disable, styles and scripts resources clean-up, remove version from the URL's, remove ID attribute

.. and many more

Install the plugin now and take advantage of latest security techniques.

Scroll to top