Khushal Login Path Guard

Khushal Login Path Guard is a WordPress security plugin that allows you to change your default login URL and protect your site from common attack vectors. The plugin blocks brute-force attempts, prevents user enumeration, secures sensitive files, and hides WordPress information from potential attackers. All blocked paths display 404 errors (Stealth Mode) instead of redirects, making your site invisible to attackers.

Features

Login Protection: * Blocks 17+ common brute-force login paths * Custom login URL (only you know the path) * Shows 404 error instead of redirect (no hints to attackers) * Protects /wp-admin, /login, /wp-login.php and more

Advanced Security: * Blocks XML-RPC (prevents brute-force via API) * Prevents user enumeration via REST API * Blocks author page enumeration (?author=1) * Protects wp-config.php and sensitive files * Blocks direct access to wp-includes PHP files * Removes WordPress version information

Security Headers: * X-Frame-Options (prevents clickjacking) * X-Content-Type-Options (prevents MIME sniffing) * X-XSS-Protection (XSS attack protection) * Referrer-Policy (privacy protection) * Permissions-Policy (feature restriction)

User-Friendly: * Easy settings interface * One-click URL copy * Normal functionality for logged-in users * Does not block AJAX requests * Clean admin interface

Security Benefits

1. Brute Force Protection – 15+ login paths blocked
2. XML-RPC Disabled – Prevents API-based attacks
3. User Enumeration Blocked – Hides usernames from attackers
4. Sensitive Files Protected – wp-config.php, .htaccess secured
5. Security Headers – Industry-standard HTTP headers
6. WordPress Hidden – Removes version and generator tags

इस्तेमाल करना बेहद आसान है

1. Plugin activate करें
2. Settings > Login Path Security में जाएं
3. अपना custom login path enter करें
4. Settings save करें
5. नया login URL use करें