Secured WP Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
Adds layer of security for your WordPress site. Adds custom login page slug, enables 2FA, removes security issues. Adds remember device, counts login attempts and lock usernames if the password is wrong. Out of bond e-mail is also supported – instead of entering codes, your user can use simple login link from within their e-mail client.
Woocommerce
Woocommerce is also supported for 2FA, just enable the plugin and all your customers will be asked to enable two-factor authentication.
List with currently supported features:
- Login redirection – redirects the default wp-login.php to a slug of your choice
- Login attempts – counts the unsuccessful attempts, and locks user if there are too many
- 2FA settings – gives the ability to use two factor authentication and Out Of Bond email link
- Remember devices – current device could be remembered for given amount of days and user wont be asked to login again before that
- Removes XML-RPC from your WordPress site
Login Redirection
You can change the default wp-login.php to slug of your choice. That will prevent most common hacker attacks and will harden your WordPress installation. You can redirect the original wp-login.php to the slug of your choice.
2FA login
Enable two-factor authentication for your WordPress site, and to enforce your website users, or some of them to use 2FA. Next time user logins s/he will be asked to enable the 2FA using their favorite application. Once the process is completed, every time the user logs, s/he will be asked to provide the 2FA code.
Login Attempts
This gives you the ability to prevent brute force attacks if the hacker knows the username and tries to guess the password. With this enabled, after the given amount of tries that specific user will be marked as locked, and any further attempt to use that username for login will be postponed for given amount of time.
Remember device setting
With that, user can use given device for the given amount of days without being asked to reenter the username/pass. The devices can be removed or checked from the default user settings page.
That setting is based on current setting (global) for the current moment, which means that when the day value (in settings) is changed globally, that wont reflect the already set cookies and user devices.
Example: If you set that to 10 days and there is a user which decide to use Remember Device functionality, when you change that value to 15 days, that wont increase the time for that user. Same applies for decreasing the value.
Screenshots
-
Main screen of the plugin, settings tabs and information about the settings
-
2FA login screen, user does not have enabled 2FA yet
-
E-mail with the Out of Bond link
-
Woocommerce My Profile page
-
Extends default Users menu bulk actions
-
Extends default Users list by adding new filter drop-down from where you can easily filer users by user role
-
Adds new column to the standard Users menu – you can see the status of every user, and sort the Locked and Logged in users