Title: Shield WP Admin Author: Differenz System Published: آقوست 25, 2025 Last modified: ژون 1, 2026 --- Search plugins ![](https://ps.w.org/shield-wp-admin/assets/banner-772x250.png?rev=3349778) ![](https://ps.w.org/shield-wp-admin/assets/icon-256x256.png?rev=3349778) # Shield WP Admin By [Differenz System](https://profiles.wordpress.org/differenzsystem/) [Download](https://downloads.wordpress.org/plugin/shield-wp-admin.1.0.3.zip) * [Details](https://azb.wordpress.org/plugins/shield-wp-admin/#description) * [Reviews](https://azb.wordpress.org/plugins/shield-wp-admin/#reviews) * [Installation](https://azb.wordpress.org/plugins/shield-wp-admin/#installation) * [Development](https://azb.wordpress.org/plugins/shield-wp-admin/#developers) [Support](https://wordpress.org/support/plugin/shield-wp-admin/) ## Description **Shield WP Admin** is a lightweight yet powerful plugin designed to enhance the security of your WordPress admin area. With an easy-to-use interface and essential protection tools, it helps safeguard your site against common threats and vulnerabilities. **Key Features:** * **Custom Admin Login URL** Hide or customize the default `/wp-login.php` URL to prevent unauthorized login attempts. * **Limit Login Attempts** Protect against brute-force attacks by limiting failed login retries. * **Google reCAPTCHA Integration** Add reCAPTCHA to the login screen to block bots and automated scripts. * **Disable XML-RPC** Prevent exploitation via XML-RPC by disabling its access entirely. * **Disable File Editor** Block access to the theme and plugin file editor in the WordPress dashboard. * **Hide WordPress Version** Conceal your WordPress version from source code to reduce exposure to targeted attacks. * **Force HTTPS Redirection** Redirect all HTTP requests to HTTPS to ensure secure access. * **Disable Pingbacks & Trackbacks** Protect your site from spam and DDoS attacks by disabling pingbacks and trackbacks. * **IP Blacklisting** Block specific IP addresses directly from the admin panel to protect the site. * **Admin Login Form Logo Change** Customize the logo displayed on the WordPress login form. * **Audit Logs** Shield WP Admin includes an **Audit Logs** admin page to help you monitor user login activity. - **Where to find it**: **WordPress Admin -> Shield WP Admin -> Audit Logs** - **What it records**: user login activity events (e.g. successful/failed logins). - **Why it helps**: Investigate suspicious access attempts and review login history. #### Why Shield WP Admin? Whether you’re a developer or a site owner, Shield WP Admin provides a smart, flexible solution to strengthen your WordPress backend without bloating your site or overwhelming your dashboard. ### Shield WP Admin Pro Features: **Shield WP Admin Pro** is a powerful WordPress security plugin designed specifically to protect and harden the WordPress admin area. It focuses on preventing unauthorized access, reducing common attack vectors, and providing administrators with clear visibility into security-related activities. Instead of relying on a single protection layer, Shield WP Admin Pro applies multiple security mechanisms such as login protection, two-factor authentication, bot detection, file change monitoring, and backup recovery tools. The plugin is suitable for single- site owners, agencies, and developers managing multiple WordPress installations. #### 󠀁[Click here to purchase Shield WP Admin Pro now!](https://www.templatemonster.com/wordpress-plugins/shield-wp-admin-pro-plugin-ultimate-admin-protection-570078.html)󠁿 Read our plugin [documentation](https://swpapro.differenzuat.com/documentation/) for more details. #### 1. Login Security: The **Login Security** module protects your WordPress login system against automated bots, brute-force attempts, and malicious injection attacks. It also allows you to configure notifications and manual user registration approval. #### 2. Rate Limit & Bot Protection: The **Rate Limit & Bot Protection** module helps protect your WordPress admin area and custom login page from automated bots, excessive requests, and brute-force attacks by monitoring request patterns and user-agent behavior. #### 3. Fake Bot Detection: The **Fake Bot Detection** feature protects your website from malicious crawlers that pretend to be legitimate search engine bots such as Googlebot, Bingbot, or other well-known crawlers. Many bots fake their User-Agent string to bypass basic security checks. Shield WP Admin Pro verifies these requests using DNS validation to ensure that the request actually originates from the official crawler network. #### 4. Two-Factor Authentication: The **Two-Factor Authentication (2FA)** adds an extra layer of security to WordPress user accounts by requiring a second verification step during login. Even if a password is compromised, unauthorized access is prevented. Supported Authenticator Apps: Google Authenticator (iOS & Android) and Microsoft Authenticator (iOS & Android) #### 5. Secure APIs: The **Secure APIs** module helps protect your WordPress site from data exposure and abuse through REST APIs and application-level entry points. #### 6. Hotlink Protection: The **Hotlink Protection** feature prevents other websites from directly embedding your images and media files, helping to protect your bandwidth and server resources. When hotlink protection is enabled, only approved domains are allowed to load images hosted on your website. #### 7. Malware Scanner: The **Malware Scanner** module scans your WordPress installation for suspicious files, malicious code patterns, and unexpected file changes that may indicate a security threat. It provides manual and automatic scanning options, quarantine handling, and file exclusion controls to give you full visibility and control. #### 8. File Modified Scanner: The **File Modified Scanner** helps you monitor changes made to your WordPress files. It is designed to detect unauthorized or unexpected file modifications that may indicate hacking, malware injection, or suspicious activity. #### 9. Login Analytics: The **Login Analytics** module provides detailed insights into user login activity across your WordPress site. It helps administrators monitor login behavior, detect unusual access patterns, and improve overall account security. #### 10. Traffic Analytics: The **Traffic Analytics** module provides real-time visibility into visitor activity across your WordPress site. It tracks page hits, requests, IP addresses, referrers, and client details to help you understand traffic behavior and detect suspicious activity. #### 11. Backup & Restore: The **Backup & Restore** feature allows you to create secure backups of your WordPress site and restore them when needed. This is especially useful before updates, migrations, troubleshooting, or recovering from unexpected issues. #### 12. Email & SMTP: The **Email & SMTP** module ensures reliable email delivery for all system notifications, security alerts, and OTP emails generated by Shield WP Admin Pro. Proper SMTP configuration is essential for features such as Email OTP, alerts, and administrative notifications. ### External Services This plugin uses Google reCAPTCHA to protect the admin login from automated brute- force attacks. * **Service Used**: Google reCAPTCHA * **Service Domain**: https://www.google.com/recaptcha * **Purpose**: Used to verify that the user is human, preventing spam or Brute- force attacks on admin login protected by the plugin. * **What Data is Sent**: When a user interacts with a reCAPTCHA-protected form, their interaction (including IP address, user agent, and possibly cookies) is sent to Google’s reCAPTCHA service for validation and verification. * **When Data is Sent**: This data is transmitted to Google when the form is loaded( due to the JS script) and again when the form is submitted. * **Service Provider**: Google * **Terms of Service**: https://policies.google.com/terms * **Privacy Policy**: https://policies.google.com/privacy ## Screenshots * [[ * Dashboard settings to manage all Shield WP Admin configurations. * [[ * Audit Logs page showing login activity. ## Installation 1. Upload the plugin folder `shield-wp-admin` to the `/wp-content/plugins/` directory, or install it directly via the WordPress Plugins screen. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Navigate to Shield WP Admin in the WordPress admin menu. ## FAQ ### How can I access the login page after changing the URL? Make sure to bookmark or note your new login URL. If you forget it, you can disable the plugin via FTP or your hosting control panel. ### Will this plugin conflict with other security plugins? Shield WP Admin is built to work alongside most major security plugins. However, it’s best to avoid overlapping functionalities like multiple reCAPTCHA or login limiter features. ### What is the default admin login slug when you’ve activated it? Default admin login slug is `mysecretlogin`. ### Does the plugin impact website performance? The plugin is built to be lightweight. ### What happens if I forget my custom login URL? Disable the plugin via FTP or your hosting file manager to restore the default WordPress login URL, then reconfigure your preferred custom path. ### Which features are available in the free version? The free tier includes core login protection. Premium-only modules cover malware integrity scanning, QR code generation, license validation, and advanced controls. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “Shield WP Admin” is open source software. The following people have contributed to this plugin. Contributors * [ Differenz System ](https://profiles.wordpress.org/differenzsystem/) [Translate “Shield WP Admin” into your language.](https://translate.wordpress.org/projects/wp-plugins/shield-wp-admin) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/shield-wp-admin/), check out the [SVN repository](https://plugins.svn.wordpress.org/shield-wp-admin/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/shield-wp-admin/) by [RSS](https://plugins.trac.wordpress.org/log/shield-wp-admin/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.3 * Added user audit logs to the admin panel. * Minor improvements and bug fixes. #### 1.0.2 * Tested compatibility with the latest WordPress version. * Minor improvements and fixes. #### 1.0 * Initial release of Shield WP Admin with core security features. ## Meta * Version **1.0.3** * Last updated **10 ساعاتلار ago** * Active installations **10+** * WordPress version ** 5.0 or higher ** * Tested up to **7.0** * PHP version ** 7.2 or higher ** * Language * [English (US)](https://wordpress.org/plugins/shield-wp-admin/) * Tags * [brute force protection](https://azb.wordpress.org/plugins/tags/brute-force-protection/) [hide login](https://azb.wordpress.org/plugins/tags/hide-login/)[login security](https://azb.wordpress.org/plugins/tags/login-security/) [recaptcha](https://azb.wordpress.org/plugins/tags/recaptcha/)[security](https://azb.wordpress.org/plugins/tags/security/) * [Advanced View](https://azb.wordpress.org/plugins/shield-wp-admin/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/shield-wp-admin/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/shield-wp-admin/reviews/) ## Contributors * [ Differenz System ](https://profiles.wordpress.org/differenzsystem/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/shield-wp-admin/)