Home

Awesome

ko-fi

WP-Simple-Security

Simple Wordpress Security plugin for preventing comment spam and brute force attacks.

Installation

General WP Protections

WP Admin Protections

Anti Spam Features

Login Form Protections

Login Form Nonce Verification

Hidden Login Form

How to use the hidden login form

  1. Add define('SIMPLE_SECURITY_LOGIN_TOKEN_NAME', 'token_name'); into your wp-config.php file.
  2. Add define('SIMPLE_SECURITY_LOGIN_TOKEN_VALUE', 'token_value'); into your wp-config.php file.
  3. You login form can now only be accessed via the following url: https://example.com/wp-login.php?token_name=token_value

IP Blocker

How to use the IP Blocker

  1. Add define('SIMPLE_SECURITY_USE_IP_BLOCKER', true); into your wp-config.php file.
  2. Add define('SIMPLE_SECURITY_BLOCK_INTERNAL_IPS', true); into your wp-config.php file if you wish to block internal and reserved IP ranges. The default is to not block these IP ranges.

Whitelisted IPs

How to whitelist IPs

  1. If you are using PHP 7 or above: a. Add define('SIMPLE_SECURITY_WHITELISTED_IPS', array( '127.0.0.1', '192.168.10.0/20', '::1' ) ); into your wp-config.php file.
  2. If you are using PHP 5.6: a. Add define('SIMPLE_SECURITY_WHITELISTED_IPS', serialize( array( '127.0.0.1', '192.168.10.0/20', '::1' ) ) ); into your wp-config.php file.

IPv4 addresses, IPv6 addresses, and IPv4 CIDR blocks are supported.