內容簡介
MaskMyAdmin 是一款輕量級的 WordPress 外掛,旨在增強登入頁面的安全性。它透過自訂登入路徑、IP 基礎的存取控制以及隱藏預設登入端點,幫助網站擁有者和開發者保護管理面板,防止機器人、攻擊者或好奇的使用者的未經授權訪問。
【主要功能】
• 自訂 wp-admin 登入路徑
• IP 基礎的白名單限制存取
• 逐步鎖定暴力破解攻擊
• 登入嘗試與設定變更的活動日誌
• 對被封鎖的 IP 發送電子郵件通知
外掛標籤
開發者團隊
② 後台搜尋「Mask My Admin – WordPress Login Security & URL Protection」→ 直接安裝(推薦)
原文外掛簡介
MaskMyAdmin is a lightweight WordPress plugin designed to enhance your login page security by:
– Replacing the default wp-admin and wp-login.php URLs with a custom login path of your choice
– Enforcing IP-based access controls for the WordPress dashboard and login screen
– Preventing unauthorized access or brute-force attempts by obscuring default login endpoints
Designed for site owners and developers who want to hide their admin panel from bots, attackers, or curious users.
Whether you’re running a blog, WooCommerce store, or enterprise WordPress install — MaskMyAdmin gives you a simple, intuitive way to lock down your admin entry points.
Features:
* Change wp-admin login path to a custom one (e.g., /secure-login)
* Optional IP-based whitelist — restrict dashboard access to specific IPs only
* Redirect blocked attempts to a custom page or homepage
* Progressive brute-force lockout (15 min → 1 hour → 24 hours)
* Activity log for login attempts and settings changes
* Email notifications for blocked IPs, failed logins, and settings changes
* Configurable proxy/CDN header for accurate IP detection (Cloudflare, Nginx, etc.)
* WP-CLI commands for emergency recovery and management
* Emergency disable via wp-config.php constant
* Defense-in-depth .htaccess rules for Apache servers (PHP handles all server types)
* Lightweight and fast — minimal performance impact
* Clean uninstall — all data removed when plugin is deleted
