=== XO Security === Contributors: ishitaka Tags: security, login, pingback, xmlrpc, rest, rest-api Requires at least: 4.6 Tested up to: 5.7 Requires PHP: 5.6 Stable tag: 2.7.2 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html XO Security is a plugin to enhance login related security. == Description == XO Security is a plugin to enhance login related security. This plugin does not write to .htaccess file. LiteSpeed, Nginx and IIS also work. = Functions = * Record login log. * Limit login attempts. * Login Alert. * Add Captcha to the login form and comment form. * Change the URL of the login page. (WordPress multisite subdomain type is not supported). * Disable login by mail address. * Disable login by user name. * Change login error message. * Disable XML-RPC and XML-RPC Pingback. * Disable REST API. * Change REST API URL prefix. * Disable author archive page. * Remove comment author class of comments list. * WordPress multisite support. * WooCommerce login page protection. == Installation == 1. Upload the `XO-Security` folder to the `/wp-content/plugins/` directory. 2. Activate the plugin through the Plugins menu in WordPress. 3. Go to "Settings" -> "XO Security" and customize behaviour as needed. == Screenshots == 1. Login log page. 2. Status page. 3. Login setting page. == Frequently Asked Questions == = Login page is not displayed. = Please initialize the settings. * In wp_options table, the value of the option_name field (column) is to remove the record of "xo_security_options". * If you have set the login page, please delete the file. = The CAPTCHA is not displayed. = Please install mbstring and GD module. == Changelog == = 2.7.2 = * Changed so that only super admin can see the login log in case of WordPress multisite. = 2.7.1 = * Fixed a bug that an error message was displayed on the admin page. = 2.7.0 = * Restructured the settings page. * Added the function to customize the login form. = 2.6.0 = * Changed to remove the standard sitemap user provider when disabling the author archive. = 2.5.0 = * Added login type column to login log. = 2.4.0 = * Added the option to select the method of acquiring the IP address. = 2.3.0 = * Added a feature to disable login by user name and enable login by email only. = 2.1.3 = * Fixed a bug that could slow down the display of the admin page. (Thanks to mocchii) = 2.1.0 = * Added function to display site information. = 2.0.0 = * Added option to change login error message. * Added option to disable login by mail address. = 1.5.3 = * Fixed XSS vulnerability. (Thanks to pluginvulnerabilities.com) = 1.0.0 = * Initial release.