🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
Shield WP Admin
Shield WP Admin

Shield WP Admin

0/5 (0 ratings) 10 active installs Updated Feb 10, 2026
admin safeadmin shieldhide loginlogin securitysecurity
Download v1.0 Plugin Website
Dashboard settings to manage all Shield WP Admin features.

Dashboard settings to manage all Shield WP Admin features.

Shield WP Admin is a lightweight yet powerful plugin designed to enhance the security of your WordPress admin area. With an easy-to-use interface and essential protection tools, it helps safeguard your site against common threats and vulnerabilities.

Key Features:

  • Custom Admin Login URL
    Hide or customize the default /wp-login.php URL to prevent unauthorized login attempts.

  • Limit Login Attempts
    Protect against brute-force attacks by limiting failed login retries.

  • Google reCAPTCHA Integration
    Add reCAPTCHA to the login screen to block bots and automated scripts.

  • Disable XML-RPC
    Prevent exploitation via XML-RPC by disabling its access entirely.

  • Disable File Editor
    Block access to the theme and plugin file editor in the WordPress dashboard.

  • Hide WordPress Version
    Conceal your WordPress version from source code to reduce exposure to targeted attacks.

  • Force HTTPS Redirection
    Redirect all HTTP requests to HTTPS to ensure secure access.

  • Disable Pingbacks & Trackbacks
    Protect your site from spam and DDoS attacks by disabling pingbacks and trackbacks.

  • IP Blacklisting
    Block specific IP addresses directly from the admin panel to protect the site.

  • Admin Login Form Logo Change
    You can change the logo of admin login form.

Why Shield WP Admin?
Whether you’re a developer or a site owner, Shield WP Admin provides a smart, flexible solution to strengthen your WordPress backend—without bloating your site or overwhelming your dashboard.

External Services

This plugin uses Google reCAPTCHA to protect the admin login from automated brute-force attacks.

  • Service Used: Google reCAPTCHA
  • Service Domain: https://www.google.com/recaptcha
  • Purpose: Used to verify that the user is human, preventing spam or Brute-force attacks on admin login protected by the plugin.
  • What Data is Sent: When a user interacts with a reCAPTCHA-protected form, their interaction (including IP address, user agent, and possibly cookies) is sent to Google’s reCAPTCHA service for validation and verification.
  • When Data is Sent: This data is transmitted to Google when the form is loaded (due to the JS script) and again when the form is submitted.
  • Service Provider: Google
  • Terms of Service: https://policies.google.com/terms
  • Privacy Policy: https://policies.google.com/privacy