Features Library
Explore 262+ advanced tools designed to simplify, enhance, and customize every aspect of your WordPress site — all in one powerful library.
No posts found
Security Tab > Login Protection
Enable Custom Login URL
How it works:
Creates a custom login URL to hide the default wp-login.php, redirecting unauthorized access attempts to 404 pages or homepage while maintaining secure access through the custom URL.Benefits:
Significantly reduces brute force attacks by obscuring the login page, improves overall site security, and eliminates automated login attempts targeting the default WordPress login URL.
Creates a custom login URL to hide the default wp-login.php, redirecting unauthorized access attempts to 404 pages or homepage while maintaining secure access through the custom URL.Benefits:
Significantly reduces brute force attacks by obscuring the login page, improves overall site security, and eliminates automated login attempts targeting the default WordPress login URL.
Security Tab > Login Protection
Enable Login Lockdown
How it works:
Limits login attempts to prevent brute force attacks by tracking failed login attempts per IP address and temporarily blocking access after reaching the configured threshold.Benefits:
Prevents automated password cracking attempts, reduces server load from malicious login attempts, and provides immediate protection against credential stuffing attacks.
Limits login attempts to prevent brute force attacks by tracking failed login attempts per IP address and temporarily blocking access after reaching the configured threshold.Benefits:
Prevents automated password cracking attempts, reduces server load from malicious login attempts, and provides immediate protection against credential stuffing attacks.
Security Tab > Login Protection
Enable Cloudflare Turnstile
How it works:
Enables Cloudflare Turnstile CAPTCHA on forms to prevent spam and automated submissions, supporting WordPress login forms, WooCommerce forms, and comment forms with privacy-focused verification.Benefits:
Blocks bot submissions effectively, provides better user experience than traditional CAPTCHAs, and offers privacy-focused spam protection without compromising user data.
Enables Cloudflare Turnstile CAPTCHA on forms to prevent spam and automated submissions, supporting WordPress login forms, WooCommerce forms, and comment forms with privacy-focused verification.Benefits:
Blocks bot submissions effectively, provides better user experience than traditional CAPTCHAs, and offers privacy-focused spam protection without compromising user data.
Security Tab > Login Protection
Enable Math Captcha
How it works:
Protects forms with a math-based captcha system that presents simple arithmetic problems to verify human users before form submission.Benefits:
Provides effective bot protection with simple user interaction, maintains accessibility for users with disabilities, and offers lightweight spam protection without external dependencies.
Protects forms with a math-based captcha system that presents simple arithmetic problems to verify human users before form submission.Benefits:
Provides effective bot protection with simple user interaction, maintains accessibility for users with disabilities, and offers lightweight spam protection without external dependencies.
Security Tab > Login Protection
Hide Remember Me Checkbox
How it works:
Removes the "Remember Me" checkbox from the login page to force users to authenticate for each session, improving security for shared computers.Benefits:
Enhances security on shared devices, prevents accidental persistent logins, and reduces security risks from abandoned browser sessions.
Removes the "Remember Me" checkbox from the login page to force users to authenticate for each session, improving security for shared computers.Benefits:
Enhances security on shared devices, prevents accidental persistent logins, and reduces security risks from abandoned browser sessions.
Security Tab > Login Protection
Enable Auto Logout
How it works:
Automatically logs out inactive users after a specified time period, monitoring user activity and terminating sessions to prevent unauthorized access.Benefits:
Prevents unauthorized access from abandoned sessions, improves security compliance, and reduces server resource usage from idle sessions.
Automatically logs out inactive users after a specified time period, monitoring user activity and terminating sessions to prevent unauthorized access.Benefits:
Prevents unauthorized access from abandoned sessions, improves security compliance, and reduces server resource usage from idle sessions.
Security Tab > File & API Restrictions
Disable .htaccess File Access
How it works:
Prevents direct access to .htaccess files through HTTP requests by adding server-level restrictions that return 403 Forbidden errors for .htaccess access attempts.Benefits:
Protects server configuration from exposure, prevents sensitive rule disclosure, and blocks potential security reconnaissance attempts.
Prevents direct access to .htaccess files through HTTP requests by adding server-level restrictions that return 403 Forbidden errors for .htaccess access attempts.Benefits:
Protects server configuration from exposure, prevents sensitive rule disclosure, and blocks potential security reconnaissance attempts.
Security Tab > File & API Restrictions
Disable all changes to all files via admin area
How it works:
Removes file editing capabilities from the WordPress admin area, including theme editor, plugin editor, and file management functions to prevent unauthorized code modifications.Benefits:
Prevents malicious code injection through admin interface, protects against privilege escalation attacks, and maintains code integrity by forcing changes through secure methods.
Removes file editing capabilities from the WordPress admin area, including theme editor, plugin editor, and file management functions to prevent unauthorized code modifications.Benefits:
Prevents malicious code injection through admin interface, protects against privilege escalation attacks, and maintains code integrity by forcing changes through secure methods.
Security Tab > File & API Restrictions
Disable file changes via plugin and theme editors
How it works:
Specifically disables the built-in WordPress theme and plugin editors that allow direct code modification through the admin interface.Benefits:
Prevents unauthorized code modifications, reduces attack surface for compromised admin accounts, and forces secure development practices through proper file system access.
Specifically disables the built-in WordPress theme and plugin editors that allow direct code modification through the admin interface.Benefits:
Prevents unauthorized code modifications, reduces attack surface for compromised admin accounts, and forces secure development practices through proper file system access.
Security Tab > File & API Restrictions
Disable XML-RPC
How it works:
Completely disables the XML-RPC functionality in WordPress, which is often targeted for brute force attacks, DOS attacks, and pingback abuse.Benefits:
Eliminates a major attack vector for brute force attempts, prevents pingback spam and DDOS attacks, and reduces server resource consumption from malicious XML-RPC requests.
Completely disables the XML-RPC functionality in WordPress, which is often targeted for brute force attacks, DOS attacks, and pingback abuse.Benefits:
Eliminates a major attack vector for brute force attempts, prevents pingback spam and DDOS attacks, and reduces server resource consumption from malicious XML-RPC requests.
Security Tab > File & API Restrictions
Remove REST API Links
How it works:
Removes REST API discovery links from the HTML head and HTTP headers while optionally restricting API access for non-authenticated users.Benefits:
Reduces API endpoint discovery by attackers, provides granular access control over REST API functionality, and maintains API functionality while improving security through obscurity.
Removes REST API discovery links from the HTML head and HTTP headers while optionally restricting API access for non-authenticated users.Benefits:
Reduces API endpoint discovery by attackers, provides granular access control over REST API functionality, and maintains API functionality while improving security through obscurity.
Security Tab > File & API Restrictions
REST API Access
How it works:
Configures REST API access levels with options for default access, restricting to admins only, logged-in users only, or complete disabling of REST API access.Benefits:
Provides granular control over API access, prevents unauthorized data access, and enables secure API usage while blocking malicious requests.
Configures REST API access levels with options for default access, restricting to admins only, logged-in users only, or complete disabling of REST API access.Benefits:
Provides granular control over API access, prevents unauthorized data access, and enables secure API usage while blocking malicious requests.
Security Tab > Identity & Data Privacy
Disable User Enumeration
How it works:
Prevents user enumeration attacks by blocking requests that attempt to discover usernames through author archives, REST API user endpoints, and login error messages.Benefits:
Protects user privacy by preventing username discovery, reduces reconnaissance opportunities for attackers, and maintains user anonymity.
Prevents user enumeration attacks by blocking requests that attempt to discover usernames through author archives, REST API user endpoints, and login error messages.Benefits:
Protects user privacy by preventing username discovery, reduces reconnaissance opportunities for attackers, and maintains user anonymity.
Security Tab > Identity & Data Privacy
Enable Email Address Obfuscator
How it works:
Provides a shortcode [obfuscate email="your@email.com" text="Contact Us"] that transforms email addresses into encoded formats to prevent harvesting by spam bots.Benefits:
Protects email addresses from spam bot harvesting, reduces unwanted email communications, and maintains contact functionality while preserving privacy.
Provides a shortcode [obfuscate email="your@email.com" text="Contact Us"] that transforms email addresses into encoded formats to prevent harvesting by spam bots.Benefits:
Protects email addresses from spam bot harvesting, reduces unwanted email communications, and maintains contact functionality while preserving privacy.
Security Tab > Identity & Data Privacy
Enable Automatic Email Address Obfuscation
How it works:
Automatically scans content and widgets to obfuscate all email addresses in mailto links and plain text, converting them to encoded formats that humans can use but bots cannot easily harvest.Benefits:
Provides comprehensive email protection without manual intervention, reduces spam significantly, and maintains email functionality while blocking automated harvesting.
Automatically scans content and widgets to obfuscate all email addresses in mailto links and plain text, converting them to encoded formats that humans can use but bots cannot easily harvest.Benefits:
Provides comprehensive email protection without manual intervention, reduces spam significantly, and maintains email functionality while blocking automated harvesting.
Security Tab > Two-Factor Authentication
Enable TOTP Authentication
How it works:
Allows users to set up two-factor authentication using authenticator apps like Google Authenticator, Authy, or Microsoft Authenticator, generating time-based one-time passwords for enhanced login security.Benefits:
Significantly improves account security, prevents unauthorized access even with compromised passwords, and provides industry-standard 2FA protection that users are familiar with.
Allows users to set up two-factor authentication using authenticator apps like Google Authenticator, Authy, or Microsoft Authenticator, generating time-based one-time passwords for enhanced login security.Benefits:
Significantly improves account security, prevents unauthorized access even with compromised passwords, and provides industry-standard 2FA protection that users are familiar with.
Security Tab > Two-Factor Authentication
Enable Email OTP
How it works:
Sends one-time passwords via email when users log in, providing an additional authentication layer that requires access to the user's email account.Benefits:
Provides accessible 2FA for users without smartphone apps, ensures email account control verification, and offers backup authentication method for enhanced security.
Sends one-time passwords via email when users log in, providing an additional authentication layer that requires access to the user's email account.Benefits:
Provides accessible 2FA for users without smartphone apps, ensures email account control verification, and offers backup authentication method for enhanced security.
Security Tab > Two-Factor Authentication
Allow Trusted Devices
How it works:
Enables users to mark devices as trusted for a configurable period, reducing 2FA prompts on frequently used devices while maintaining security for new or untrusted devices.Benefits:
Balances security with user convenience, reduces authentication fatigue, and maintains protection while improving user experience on trusted devices.
Enables users to mark devices as trusted for a configurable period, reducing 2FA prompts on frequently used devices while maintaining security for new or untrusted devices.Benefits:
Balances security with user convenience, reduces authentication fatigue, and maintains protection while improving user experience on trusted devices.
Security Tab > Two-Factor Authentication
Grace Period
How it works:
Sets a grace period for users to set up 2FA after it's enabled, allowing time for configuration while progressively enforcing stronger authentication requirements.Benefits:
Enables smooth 2FA deployment without immediate user disruption, provides time for user education and setup, and ensures security implementation without blocking legitimate access.
Sets a grace period for users to set up 2FA after it's enabled, allowing time for configuration while progressively enforcing stronger authentication requirements.Benefits:
Enables smooth 2FA deployment without immediate user disruption, provides time for user education and setup, and ensures security implementation without blocking legitimate access.
Security Tab > Content Protection
Enable Site-Wide Password Protection
How it works:
Protects the entire website with a site-wide password requirement, blocking all access until the correct password is entered, with optional IP address bypass functionality.Benefits:
Provides immediate site protection during development or maintenance, enables temporary access control, and offers simple but effective protection for sensitive content or work-in-progress sites.
Protects the entire website with a site-wide password requirement, blocking all access until the correct password is entered, with optional IP address bypass functionality.Benefits:
Provides immediate site protection during development or maintenance, enables temporary access control, and offers simple but effective protection for sensitive content or work-in-progress sites.
Security Tab > Content Protection
Block AI Crawlers
How it works:
Identifies and blocks known AI crawlers and scraping bots from accessing website content, using user agent detection and behavior analysis to prevent unauthorized content harvesting.Benefits:
Protects intellectual property from AI training datasets, prevents unauthorized content scraping, and maintains control over content usage while allowing legitimate search engine access.
Identifies and blocks known AI crawlers and scraping bots from accessing website content, using user agent detection and behavior analysis to prevent unauthorized content harvesting.Benefits:
Protects intellectual property from AI training datasets, prevents unauthorized content scraping, and maintains control over content usage while allowing legitimate search engine access.
Security Tab > Content Protection
Enable Spam Comment/Review Protection
How it works:
Prevents bots from submitting spam comments and product reviews by hiding form action URLs and dynamically adding them through JavaScript, making automated submissions significantly more difficult.Benefits:
Dramatically reduces spam submissions, improves content quality, and reduces moderation workload while maintaining accessibility for legitimate users.
Prevents bots from submitting spam comments and product reviews by hiding form action URLs and dynamically adding them through JavaScript, making automated submissions significantly more difficult.Benefits:
Dramatically reduces spam submissions, improves content quality, and reduces moderation workload while maintaining accessibility for legitimate users.
Security Tab > Content Protection
Disable Text Selection
How it works:
Prevents visitors from selecting and copying text content on the website using CSS and JavaScript techniques, with options for site-wide application or specific post types.Benefits:
Protects written content from easy copying, discourages content theft, and provides basic intellectual property protection while maintaining readability.
Prevents visitors from selecting and copying text content on the website using CSS and JavaScript techniques, with options for site-wide application or specific post types.Benefits:
Protects written content from easy copying, discourages content theft, and provides basic intellectual property protection while maintaining readability.
Security Tab > Content Protection
Restrict Editor Access to Specific Posts
How it works:
Allows administrators to prevent editors from accessing specific posts by modifying post capabilities and admin queries, providing granular content access control.Benefits:
Enables content access management beyond role-based permissions, protects sensitive content from unauthorized editing, and provides flexible content security for multi-author sites.
Allows administrators to prevent editors from accessing specific posts by modifying post capabilities and admin queries, providing granular content access control.Benefits:
Enables content access management beyond role-based permissions, protects sensitive content from unauthorized editing, and provides flexible content security for multi-author sites.
Security Tab > Content Protection
Disable Right Click
How it works:
Prevents users from accessing the right-click context menu using JavaScript event handlers, blocking common methods for accessing developer tools and copy functions.Benefits:
Provides basic content protection against casual copying attempts, deters non-technical users from accessing browser tools, and adds a layer of content security.
Prevents users from accessing the right-click context menu using JavaScript event handlers, blocking common methods for accessing developer tools and copy functions.Benefits:
Provides basic content protection against casual copying attempts, deters non-technical users from accessing browser tools, and adds a layer of content security.
Security Tab > Content Protection
Disable View Source (CTRL+U/⌘+U)
How it works:
Blocks keyboard shortcuts for viewing page source code using JavaScript event interception, preventing easy access to HTML source code.Benefits:
Protects source code from casual inspection, deters non-technical content theft attempts, and provides basic code protection for proprietary implementations.
Blocks keyboard shortcuts for viewing page source code using JavaScript event interception, preventing easy access to HTML source code.Benefits:
Protects source code from casual inspection, deters non-technical content theft attempts, and provides basic code protection for proprietary implementations.
Security Tab > Content Protection
Disable Inspect Element (F12 or CTRL+Shift+I/⌘+⌥+I)
How it works:
Blocks keyboard shortcuts and right-click options for accessing browser developer tools, preventing easy inspection of page elements and code.Benefits:
Protects against casual code inspection, prevents easy element manipulation, and provides basic protection against non-technical reverse engineering attempts.
Blocks keyboard shortcuts and right-click options for accessing browser developer tools, preventing easy inspection of page elements and code.Benefits:
Protects against casual code inspection, prevents easy element manipulation, and provides basic protection against non-technical reverse engineering attempts.
Security Tab > Content Protection
Disable Copy/Cut/Paste (CTRL+C/X/V / ⌘+C/X/V)
How it works:
Blocks standard copy, cut, and paste keyboard shortcuts using JavaScript event prevention, limiting content manipulation and extraction capabilities.Benefits:
Prevents easy text copying, protects content from clipboard-based theft, and adds friction to content extraction while maintaining basic site functionality.
Blocks standard copy, cut, and paste keyboard shortcuts using JavaScript event prevention, limiting content manipulation and extraction capabilities.Benefits:
Prevents easy text copying, protects content from clipboard-based theft, and adds friction to content extraction while maintaining basic site functionality.
Security Tab > Content Protection
Disable Select All (CTRL+A/⌘+A)
How it works:
Prevents the select all keyboard shortcut from functioning, blocking bulk text selection that could facilitate mass content copying.Benefits:
Protects against bulk content selection and copying, prevents easy mass text extraction, and maintains granular control over content access.
Prevents the select all keyboard shortcut from functioning, blocking bulk text selection that could facilitate mass content copying.Benefits:
Protects against bulk content selection and copying, prevents easy mass text extraction, and maintains granular control over content access.
Security Tab > Content Protection
Disable Save (CTRL+S/⌘+S)
How it works:
Blocks the browser's save page functionality through keyboard shortcut interception, preventing easy offline page saving.Benefits:
Prevents easy page downloading for offline viewing, protects against simple content archiving, and maintains some control over content distribution.
Blocks the browser's save page functionality through keyboard shortcut interception, preventing easy offline page saving.Benefits:
Prevents easy page downloading for offline viewing, protects against simple content archiving, and maintains some control over content distribution.
Security Tab > Content Protection
Disable Print (CTRL+P/⌘+P)
How it works:
Blocks print functionality through keyboard shortcut prevention and CSS print media query modifications, preventing easy content printing.Benefits:
Protects against physical content distribution, prevents unauthorized printing of proprietary content, and maintains control over content format and presentation.
Blocks print functionality through keyboard shortcut prevention and CSS print media query modifications, preventing easy content printing.Benefits:
Protects against physical content distribution, prevents unauthorized printing of proprietary content, and maintains control over content format and presentation.
Security Tab > Content Protection
Disable Text Selection (Mouse Selection)
How it works:
Prevents text selection using mouse dragging through CSS user-select properties and JavaScript event handling, making text highlighting impossible.Benefits:
Provides comprehensive text protection against copying, prevents easy content selection, and discourages casual content theft while maintaining readability.
Prevents text selection using mouse dragging through CSS user-select properties and JavaScript event handling, making text highlighting impossible.Benefits:
Provides comprehensive text protection against copying, prevents easy content selection, and discourages casual content theft while maintaining readability.
Security Tab > Content Protection
Disable Image Drag (Mouse Drag)
How it works:
Prevents images from being dragged and saved using CSS and JavaScript techniques, blocking the common drag-to-desktop image saving method.Benefits:
Protects images from easy downloading, prevents casual image theft, and maintains visual content security while preserving display functionality.
Prevents images from being dragged and saved using CSS and JavaScript techniques, blocking the common drag-to-desktop image saving method.Benefits:
Protects images from easy downloading, prevents casual image theft, and maintains visual content security while preserving display functionality.
Security Tab > Content Protection
Disable Safari Reader Mode (⌘+Shift+R)
How it works:
Blocks Safari's Reader Mode functionality that strips formatting and presents clean text, preventing content extraction through this browser feature.Benefits:
Maintains control over content presentation, prevents text extraction through Safari Reader, and preserves design integrity and branding.
Blocks Safari's Reader Mode functionality that strips formatting and presents clean text, preventing content extraction through this browser feature.Benefits:
Maintains control over content presentation, prevents text extraction through Safari Reader, and preserves design integrity and branding.
Security Tab > Content Protection
Apply to Administrators
How it works:
Extends content protection measures to administrator accounts, ensuring consistent security enforcement regardless of user role or permissions.Benefits:
Provides comprehensive security coverage, prevents privilege-based bypasses, and ensures consistent content protection across all user types.
Extends content protection measures to administrator accounts, ensuring consistent security enforcement regardless of user role or permissions.Benefits:
Provides comprehensive security coverage, prevents privilege-based bypasses, and ensures consistent content protection across all user types.
Security Tab > Stay Logged In
Enable Stay Logged In
How it works:
Extends WordPress login sessions to one year duration, modifying the default session timeout to provide persistent login functionality for improved user convenience.Benefits:
Eliminates frequent re-authentication requirements, improves user experience for trusted devices, and provides convenience while maintaining security through other protection measures.
Extends WordPress login sessions to one year duration, modifying the default session timeout to provide persistent login functionality for improved user convenience.Benefits:
Eliminates frequent re-authentication requirements, improves user experience for trusted devices, and provides convenience while maintaining security through other protection measures.
Security Tab > Stay Logged In
Auto-check “Remember Me” on Login Page
How it works:
Automatically selects the "Remember Me" checkbox on the login page by default, encouraging users to maintain persistent sessions without manual checkbox selection.Benefits:
Improves user experience by reducing login frequency, encourages session persistence for convenience, and simplifies the login process for regular users.
Automatically selects the "Remember Me" checkbox on the login page by default, encouraging users to maintain persistent sessions without manual checkbox selection.Benefits:
Improves user experience by reducing login frequency, encourages session persistence for convenience, and simplifies the login process for regular users.
Security Tab > Admin Notices
Enable Admin Notices Manager
How it works:
Provides a management interface to control and disable WordPress admin notices, allowing selective hiding of promotional messages, warnings, and notifications from plugins and WordPress core.Benefits:
Reduces admin interface clutter, improves focus on important notifications, and provides cleaner admin experience by eliminating unnecessary promotional content.
Provides a management interface to control and disable WordPress admin notices, allowing selective hiding of promotional messages, warnings, and notifications from plugins and WordPress core.Benefits:
Reduces admin interface clutter, improves focus on important notifications, and provides cleaner admin experience by eliminating unnecessary promotional content.
Security Tab > Staging Protection
Enable Staging Protection
How it works:
Protects staging environments through multiple access control methods including token URLs, HTTP basic authentication, temporary access tokens, IP whitelisting, and user role restrictions.Benefits:
Prevents unauthorized access to development sites, maintains staging environment security, and enables secure collaboration while protecting work-in-progress content from public access.
Protects staging environments through multiple access control methods including token URLs, HTTP basic authentication, temporary access tokens, IP whitelisting, and user role restrictions.Benefits:
Prevents unauthorized access to development sites, maintains staging environment security, and enables secure collaboration while protecting work-in-progress content from public access.