🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
Improve Website Security
Improve Website Security

Improve Website Security

5/5 (1 ratings) 40 active installs Updated Dec 4, 2025
change default Login Pagedisable right clickdisable-json-apiSecurity HeadersSolid WP Security Plugin
Download v1.0.1 Plugin Website
Backend settings

Backend settings

WordPress security is essential to protect your website from hackers and malicious attacks. Without proper security measures, your site can be vulnerable to data breaches, spam, and unauthorized access. A well-secured WordPress site ensures that your content, user data, and website functionality remain safe from threats.

This plugin boosts your WordPress security with several key features:

  1. Security Headers: Adds extra layers of protection by sending security headers with each page load.
  2. Change WP Login Error Message: Hides whether the username or password is incorrect, preventing hackers from easily guessing your login details.
  3. Disable WP REST API: Stops unauthorized access to your site’s data by disabling the REST API for non-logged-in users.
  4. Disable XML-RPC: Blocks XML-RPC functionality to prevent brute force attacks and unauthorized access.
  5. Disable Right-Click: Adds a basic level of protection against copying your site content by disabling right-clicking.
  6. Disable Ctrl+C, Ctrl+X, Ctrl+V, Ctrl+A: It will disable these shortcuts, preventing copying of site content.
  7. Email Alerts on Login: Sends the site admin an email alert every time someone logs into the WordPress dashboard.
  8. Change Default WP-Login URL: Customize your WordPress Login Page URL to any name instead of the default ‘wp-admin.’

Special Feature:
If you’re locked out of your WordPress Dashboard (e.g., forgot the custom login URL), you can deactivate the plugin using a special URL. This allows you to regain access without needing to log in to cPanel or FTP.

Tutorial video

If you want to learn more about how this plugin works, please check our website – ideastocode.com.

External services

This plugin connects to an API to obtain the IP address and country name, which are required to display the details when someone logs in to your WordPress dashboard.

It sends the logged-in user’s IP address and country information when they log in. If you are using WP Login Email Alerts, you are giving consent to use this service.
This service is provided by ipapi (ipapi.co): Terms of Service