=== WPHH SECURE – AIO WordPress Security With File Locking & WP Hide Login === Contributors: wp-hacked-help Tags: WordPress security, file locking, hide login URL, brute force protection, wp filesystem Requires at least: 5.0 Tested up to: 6.9 Requires PHP: 7.2+ Stable tag: 1.1.9 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Secure your WordPress site with one-click file locking, login path hiding, role-based access, and smart dashboard visibility. Built for speed, security, and control. == Full Description == **WPHH SECURE** by [WP Hacked Help](https://secure.wphackedhelp.com) is a comprehensive WordPress security plugin that integrates advanced file protection and login URL obfuscation. It blocks brute-force attacks, unauthorized access, and file tampering by allowing you to easily lock or unlock your WordPress files and folders with a single click. The plugin comes with a user-friendly interface and real-time feedback, ensuring secure operations without any technical knowledge required. WPHH SECURE is built to work seamlessly with the native WordPress functions, ensuring compatibility and safety for all sites, including blogs, business sites, and WooCommerce stores. With automatic exclusions for sensitive folders and the ability to manage folder exceptions, WPHH SECURE ensures that critical areas like uploads, cache, and backups are not locked accidentally. It also features login URL hiding to prevent unauthorized access to your site’s backend. **Key Features:** ✅ **One-Click Lock/Unlock** – Lock or unlock all WordPress files and folders with a single click. ✅ **Smart Dashboard** – Access real-time status updates and track lock activities in the dashboard. ✅ **Role-Based Access** – Configure permissions to restrict access to the lock/unlock feature based on user roles. ✅ **Login URL Hiding** – Prevent brute-force login attempts by hiding or changing your default WordPress login URL. ✅ **Safe File Handling** – Built on WP_Filesystem for secure file handling using AJAX for smooth background execution. ✅ **Auto Exclusions** – Automatically exclude high-priority folders (e.g., uploads, cache, backups) from being locked. ✅ **Visual Progress Feedback** – Watch real-time updates with progress bars and completion messages. ✅ **Folder Exclusion Manager** – Easily add or remove folders from the exclusion list to keep them safe. == Installation == There are three ways to install the WPHH SECURE plugin: 1. **WordPress Admin Method** A. Go to your WordPress dashboard. B. Navigate to Plugins > Add New. C. Search for **WPHH SECURE**. D. Click **Install** and then **Activate**. 2. **Manual Installation (via .zip file)** A. Download the plugin ZIP file from WordPress.org. B. In your WordPress dashboard, go to Plugins > Add New. C. Click **Upload Plugin** and select the ZIP file. D. Click **Install Now**, then **Activate**. 3. **FTP Method** A. Download and extract the plugin ZIP on your computer. B. Upload the extracted `WPHH SECURE` folder to `/wp-content/plugins/` using FTP. C. Go to Plugins > Installed Plugins in WordPress and click **Activate**. == Frequently Asked Questions == Q: **Will this affect website speed?** A: No, the plugin is lightweight and uses background processing methods native to WordPress, so there’s no noticeable impact on speed. Q: **Can I restore the original login URL later?** A: Yes, you can revert to the default settings at any time via the plugin settings. Q: **Are my media or backup folders safe?** A: Yes, these folders are auto-excluded by default from the locking process to ensure they remain accessible. Q: **Is WPHH SECURE compatible with cache and backup plugins?** A: Yes, the plugin works perfectly with cache and backup plugins without interfering with their processes. Q: **Can I exclude specific folders or files from being locked?** A: Yes, you can easily add folders or files to the exclusion list from the plugin’s settings page. == Screenshots == 1. Dashboard page showing services and quick status. 2. Full-page UI to lock or unlock the website with a single click. 3. Permission settings to control who can lock/unlock the website. 4. Processing message after clicking the lock/unlock button. 5. Locking process status with progress and confirmation. 6. Excluded folders settings to manage folder exclusions (view, add, or remove). 7. WP Hide URL settings page to change login URL and other hide options. == Changelog == = 1.1.8 = * Added automatic cleanup of log files older than 24 hours. * Improved logging performance and file handling. = 1.1.5 = * Added support to reset file and folder values when deactivating the plugin. * Improved handling for fetching `wp-config.php` if it's located outside of the `public_html` directory. = 1.1.4 = * Added additional cache and backup folder locations by default. * Fixed issue with WordPress redirecting after logout when using the "Hide WP Login URL" feature. * Disabled the default login URL and replaced it with a custom path stored in the database. * Implemented minor UI fixes for better user experience. = 1.1.3 = * Enhanced AJAX functionality for real-time status updates during lock/unlock operations. * Introduced "Hide WP Login URL" feature to block access to the default WordPress login page. * Made improvements to the user interface for better functionality and usability. = 1.1.2 = * Added AJAX-based background task handling to improve performance. * Introduced feature to hide the default WordPress login URL for added security. * Minor UI improvements and bug fixes. = 1.1.1 = * Ensured compliance with WordPress.org plugin repository standards. * Fixed minor bugs for better stability. = 1.1.0 = * Major improvements to security and performance. * Enhanced compatibility with the latest version of WordPress. == Upgrade Notice == = 1.1.8 = Log files older than 24 hours will be automatically removed after updating. = 1.1.5 = This update includes the ability to reset file and folder values when deactivating the plugin, along with improved handling of `wp-config.php` when it’s located outside of `public_html`. Highly recommended for users with custom file structures. = 1.1.4 = This release improves security by disabling the default login URL and updating it to a custom path. It also addresses issues with WordPress login redirects and improves cache and backup folder configurations. Recommended for all users. = 1.1.3 = Enhancements for AJAX-based status updates and login URL hiding are included in this version. UI improvements and bug fixes are also part of this release.