SecuPlug is the simplest and fastest security plugin for WordPress. It disables particular XML-RPC services which you are selected,
hides login page url and redirect HTTP traffic to HTTPS.
WordPress hack attempts (and spam comments) are mostly becoming on XML-RPC requests.
Secuplug helps you about manage some of your critical XML-RPC services. It disables particular XML-RPC services which you are selected.
So, it makes your site safe against XML-RPC attacks ex. Spam Comments without disabling all XML-RPC services.
XML-RPC FULL PROTECTION (Disable all xml-rpc)
Denies all remote requests. Most commonly preferred to block all remote attacks.
XML-RPC LOGIN PROTECTION
Denies remote login requests. Most commonly preferred to brute force login attempts.
XML-RPC PINGBACK PROTECTION
Denies remote pingback requests. Most commonly preferred to prevent DDoS attacks.
SELF PINGBACK PROTECTION
Denies remote self pingback requests. Most commonly preferred to prevent DDoS attacks.
You can enable SSL if you have an SSL certificate. But, firstly you must buy an SSL certificate from any SSL dealer.
Also, you can use cloudflare free SSL service. Secuplug redirects the URLs of the zones you select on your site as HTTPS/SSL by force.
Also, it enhances the security of your login page by concealing the address and by ensuring SSL of your login page.
Enable HTTPS / SSL
SSL automatically encrypts your privileged information data.
Force HTTPS Login
Redirect login page protocol HTTP to HTTPS
Forge HTTPS Admin
Redirect admin page protocol HTTP to HTTPS
Force HTTPS Front Page
Redirect front page protocol HTTP to HTTPS
Change Login Error
Disable your default login errors and give the attackers less than what them needed
Change Admin ID
Not hard to forecast your Admin ID, if your admin ID is
1. Secure your site against simple sql vulnerabilities.
New Custom Login URL
You can change of your login page URL name without SSL problems.
Filter Bad Requests
Helps to secure your site against attacks like XSS, CSRF, Code Injections.
Disable Rest API
Hides your sensitive informations from the attackers. For instance Admin user id, user list and their IDs.
For complete information, please visit our website the SecuPlug website.
- Download and unzip the plugin into your WordPress plugins directory (usually
- Activate the plugin through the ‘Plugins’ menu in your WordPress Admin.
- Go to the Plugin’s settings page and then it’s up to you.
If you have any question, you can post a support request
There are no reviews for this plugin.
Contributors & Developers
“Secuplug The Simplest and Fastest Security Plugin” is open source software. The following people have contributed to this plugin.Contributors
Translate “Secuplug The Simplest and Fastest Security Plugin” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
- Added: New firewall settings
- Updated: Disable Rest API feature will disable only users service and main service any more. (Plugin issues are solved)
- incomplete and forgotten cookie security code that lead to problem has disabled
- Added new firewall features
- Fixed errors in js files
- Fixed https and login page protect issues on admin-ajax.php
- Fixed an exceptional circumstance in the “hide admin login url” link.
- Added no valid SSL certificate and get an SSL warning in the settings page
- Improved user experience for admin settings form
- Improved SSL / HTTPS implementation
- Added settings notification
- Removed useless Run the scanner menu for now
- Visual enhancements
- fixed access denied issue when changing schema https to http on admin page
- testing for version 1.2.11
- Fixed auto loading of fix ssl js file without enable it
- Fixed SSL URL replacement and redirection
- Added ssl enable and forge ssl options
- Added self pingback disable feature
- Visual enhancements
- Fixed some HTTPS issues in wp-admin and wp-login
- fixed infinity redirection
- fixed admin auth-fallback login screen issue
- fixed some typos
- some minor changes
- fixed https redirect
- fixed https issue
- Fixed some issues
- Added composer autoload
- Fixed some typos
- added new functions to wp_common trait