Disable direct access to your WordPress sites /wp-login.php script (with Login Locker), plus user notifications based on login actions.
This plugin removes the HTML form from the /wp-login.php
file unless you are pre-authorized.
Activating the plugin will create an encrypted cookie granting you access to the login page. The default cookie is good for 1 year and will only authorize your current device. So switching to a private window, new computer or browser will require a re-authorization check.
Authorization Check
In order to access the login page you need to pass in the query parameter of auth_check
and a value of either {user_login} OR {user_email}
. Example: https://example.com/wp/wp-login.php?auth_check=gandalf
OR https://example.com/wp/[email protected]
Please note that this package is licensed under MIT, requires PHP >= 8.1, WordPress >= 6.4.
Alternative Plugin Installation (via Composer)
To install this package, edit your `composer.json` file:
{ "require": { "thefrosty/wp-login-locker": "^2.5" } }
Now run: $ composer install thefrosty/wp-login-locker
…Or
Just run: $ composer require thefrosty/wp-login-locker:^2.0
Screenshots

100% No-RISK Money back Guarantee!
You are fully protected by our 100% No-Risk Double-Guarantee. If you don’t like this plugin over the next 14 days, then we’ll happily refund 100% of your money. No questions asked.
You must log in and be a buyer of this download to submit a review. Login