Protect your WordPress site against all malware and hackers attacks.
Hide your website identity from any attack such as XSS, XSRF, SQL Injection, brute-force, etc.
No file and directory change!
No file and directory is being changed anywhere, everything is processed virtually! The plugin code use URL rewrite techniques and WordPress filters to apply all internal functionality and features. Everything is done automatically, there's no user intervention require at all.
100% compatible with other Plugins & Themes
Compatible with any WordPress plugins and themes, once deployed it will not break any functionality or features other codes provide to your site.
WordPress MultiSite Compatible
Support MultiSIte environment. Can work with per site set-up (individual settings) or globally (superadmin settings)
Custom login URL
All sites receive hits on login page with boots trying brute force attempts, requiring a high processing CPU power due to number of attempts. This conclude to a global site speed decrease and response time. Blocking default login URL, boots will hit just a 404 error page which is being cached, so no resurce is being used.
Compatible with any host / server
Tested and 100% compatible with different hosting server configuration basted on Linux and Windows operating system.
The PRO version come with full Nginx support, which run on LEMP stacks. Advanced rewrite queries engine included, which provide the most efficient and light data.
Automatic / Manual Rewrite deploy
The rewrite data are automatically deployed on server for Apache and IIS server types. If this is not possible, a graphically interface is available which drive through he process of rewrite file update. If need, automatic rewrite updates can be turned off through plugin settings.
Block rewrite (default) paths
The plugin not only allow to change default urls of you WordPress, but it hide/block defaults! Many similar code, just change the slugs, but the default are still accessible.
Individual Plugin URL customization
Change Plugins Folder path and individual plugin url with custom data. Optionally block default urls from being accessible from outside.
HTML Meta clean-up for Meta Generator, wlwmanifest, feed_links, rsd_link, adjacent_posts_rel, profile link, canonical link
The admin-ajax.php is the default input for WordPress AJAX calls. This functionality allow to change to something else and block default.
Settings Import / Export
Easy settings migration and plugin set-up through an import / export functionality
PHP mod_rewrite and web.config compatible
Seamless integration with existing Apache mod_rewrite or IIS web.config PHP extensions to provide fast and efficient URL's changes.
Default WordPress directories change
Change and block default WordPress directories such as wp-content, wp-include, wp-admin. The new URL's are perfectly safe to be used along existing active theme and plugins. Everything is achieved virtually, no actual folder name is being changed.
Theme url change and clean-up
Theme and child theme styles clean-up and headers remove, to prevent display of theme name, version, author etc No one will know it's a WordPress theme
Clean up HTML comments produced by plugins or theme, WordPress core auto-generated classes as page-template-x, format-x, wp-image-x, etc for body, post, images etc
Arbitrary texts replacement
Specific texts in the output html can be replaced with custom data. This works with any html data including inner texts, attributes (classes) and tags.
Remove Headers from server responses which include X-Powered-By, X-Pingback etc
XML-RPC API control
Full control over XML-RPC API by changing and block default xml-rpc.php path, disable XML-RPC authentication, remove pingback
JSON REST API control
JSON REST V1 and V2 API control by disable or block the default url. Disable output the REST API link tag into page header, Disable JSON REST WP RSD endpoint,
CSS Advanced Options
Provide full control over CSS data and related (Html classes and IDs). Combine all assets and inline CSS into a single file, post-processing for comments remove, minify, Classes and IDs replacements within CSS assets and HTML.
Block access to default core files.
Block direct access to any of WordPress root files as license.txt, wp-load.php, wp-settings.php. Individual file access/ restrict is available.
Resources HTML output change
Emoji disable, styles and scripts resources clean-up, remove version from the URL's, remove ID attribute