NHR Secure – Hide Admin, Limit Login, 2FA & Vulnerability Checker

Keep your WordPress site safe with minimal effort. NHR Secure helps you:

• Hide or protect your admin area from unauthorized access.
• Limit login attempts to prevent brute-force attacks.
• Hide debug logs to prevent sensitive information disclosure.
• Add 2FA to your WordPress site.
• Scan core files, plugins, and themes for known vulnerabilities.

Features at a glance:

🔒 Limit Login Attempts

Stop brute-force attacks by temporarily blocking IPs after repeated failed login attempts. – Configurable attempt limit (1-20, default: 5) – Blocks based on IP + Username combination – Auto-unblock after 2 hours

🔐 Custom Login Page

Hide wp-login.php and use a custom login URL. – Default custom URL: /hidden-access-52w – Blocks direct access to wp-login.php and wp-admin for guests

🛡️ Protect Debug Log File

Blocks direct access to /wp-content/debug.log – Returns 403 Forbidden for all users

⚙️ Modern Settings Page

Configure everything from a beautiful React-powered interface. – Located under Tools → NHR Secure – Dark Mode support for comfortable viewing – Enable/disable each feature

🔐 Two-Factor Authentication (2FA)

Enable two-factor authentication for users. – Support for Authenticator Apps and Email OTP – Enforce 2FA for specific user roles (e.g., Administrators) – Recovery Codes for emergency access – QR code setup for Authenticator Apps

🛡️ Vulnerability Checker

Automatically scan your installed plugins, themes, and WordPress core against a known vulnerability database. – Daily automatic scans – Alerts for critical security issues – Check file integrity

⚡ Lightweight & Minimal

Designed to deliver maximum security with minimal code. No bloat, no complexity. – Compatible with most WordPress themes and plugins.

External Services

This plugin utilizes the WPVulnerability API to check for vulnerabilities. – Service: WPVulnerability – Data: Only plugin slugs and versions are sent. No personal data is collected.