Security Plugin for WordPress

View project on GitHub

DozWPSecure v1.3

A basic security plugin for WordPress 4.x, 5.0 or higher. You can selectively disable unused features in WordPress core, and this plugin will help you to remove unnecessary information to be disclosed to attackers. You can find more details in the User Manual.

Basic WP Security Hardening

  • Remove WP Version Details
  • Disable XMLRPC
  • Disable Pingback
  • Disable Windows Live Writer
  • Disable RSS Feeds
  • Disable JSON & REST API
  • Enable Security Headers (X-Frame-Options, X-XSS-Protection, X-Content-Type-Options)
  • Remove PHP Version Header

Optional Settings

  • Remove HTML Comment Tags
  • Trim HTML Response

Custom Login URL

  • Customize Login URL
  • Customize Login Logo URL
  • Enforce HTTPS Login

User Manual: