{"id":550,"date":"2011-01-11T03:47:16","date_gmt":"2011-01-11T03:47:16","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/lockdown-wp-admin\/"},"modified":"2015-09-28T13:48:49","modified_gmt":"2015-09-28T13:48:49","slug":"lockdown-wp-admin","status":"publish","type":"plugin","link":"https:\/\/pcd.wordpress.org\/plugins\/lockdown-wp-admin\/","author":5853094,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"2.3.2","stable_tag":"2.3.2","tested":"4.3.34","requires":"3.6","requires_php":"","requires_plugins":"","header_name":"Lockdown WP Admin","header_author":"Sean Fisher","header_description":"","assets_banners_color":"","last_updated":"2017-11-28 06:00:41","external_support_url":"","external_repository_url":"","donate_link":"http:\/\/seanfisher.co\/donate\/","header_plugin_uri":"http:\/\/seanfisher.co\/lockdown-wp-admin\/","header_author_uri":"http:\/\/seanfisher.co\/","rating":3.9,"author_block_rating":0,"active_installs":10000,"downloads":340510,"num_ratings":54,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":[],"ratings":{"1":12,"2":2,"3":1,"4":6,"5":33},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0","1.0.1","1.0.2","1.1","1.1.2","1.2","1.3","1.3.1","1.3.2","1.3.5","1.3.5.1","1.4","1.4.1","1.5","1.6","1.7","1.8","1.9","2.0","2.0.1","2.0.2","2.1","2.2","2.3","2.3.1","2.3.2"],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[6459,125,600,6460,2427],"plugin_category":[38,54],"plugin_contributors":[78228],"plugin_business_model":[],"class_list":["post-550","plugin","type-plugin","status-publish","hentry","plugin_tags-lockdown","plugin_tags-secure","plugin_tags-security","plugin_tags-vulnerability","plugin_tags-website-security","plugin_category-authentication","plugin_category-security-and-spam-protection","plugin_contributors-sean212","plugin_committers-sean212"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/lockdown-wp-admin.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"<!--section=description-->\n<p>This plugin will hide WordPress Admin (\/wp-admin\/) when a user isn't logged in. If a user isn't logged in and they attempt to access WP Admin directly, they will be unable to and it will return a 404. It can also rename the login URL.<\/p>\n\n<p>Also, you can add HTTP authentication directly from WP Admin and add custom username\/password combinations for the HTTP auth or use the WordPress credentials.<\/p>\n\n<p>This doesn't touch any .htaccess files or change the WordPress core files. All the CSS\/Images under \/wp-admin\/ are still accessible, just not the .php ones.<\/p>\n\n<p>If you enable HTTP authentication, it will add HTTP authentication to the PHP files in \/wp-admin\/.<\/p>\n\n<p>To contribute to the development, check out <a href=\"https:\/\/github.com\/srtfisher\/Lockdown-WPAdmin\">the GitHub Repository<\/a>.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload <code>\/lockdown-wp-admin\/<\/code> to the <code>\/wp-content\/plugins\/<\/code> directory<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>Navigate to the \"Lockdown WP\" menu<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt>Installation Instructions<\/dt>\n<dd><ol>\n<li>Upload <code>\/lockdown-wp-admin\/<\/code> to the <code>\/wp-content\/plugins\/<\/code> directory<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>Navigate to the \"Lockdown WP\" menu<\/li>\n<\/ol><\/dd>\n<dt>How can we add files to the white list to hide from the public eye? We want to have AJAX and use a custom file, but we can't because it hides it from the public.<\/dt>\n<dd><p>You can add a file using the 'no_check_files' filter. Use this:<\/p>\n\n<pre><code>        function add_my_cool_filter($data)\n        {\n            \/\/ You have to accept the $data argument or else it will cause a system meltdown ;)\n            $data[] = 'my-file-name.php';   \/\/  JUST the file name.\n            return $data;\n        }\n        add_filter('no_check_files', 'add_my_cool_filter');\n<\/code><\/pre>\n\n<p>Simple.<\/p><\/dd>\n<dt>How can I get back in if Lockdown WP Admin locked me out?<\/dt>\n<dd><p>You can create a .txt file named 'disable_auth.txt' in your <code>wp-content\/plugins\/lockdown-wp-admin\/<\/code> folder (The file location would be <code>\/wp-content\/plugins\/lockdown-wp-admin\/disable_auth.txt<\/code>). We don't care about the content but that will disable the HTTP Auth and whatever was locking you out of your site.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0<\/h4>\n\n<ul>\n<li>Initial release<\/li>\n<\/ul>\n\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Fixed a link to a broken file<\/li>\n<\/ul>\n\n<h4>1.1<\/h4>\n\n<ul>\n<li>Fixed a bug on activating the plugin network wide, we disabled network wide activation.<\/li>\n<li>Cleaned up the plugin and prevented a double loop of the HTTP check, unnecessary.<\/li>\n<\/ul>\n\n<h4>1.2<\/h4>\n\n<ul>\n<li>Cleaned up more code.<\/li>\n<li>Security fixes that will prevent somebody from possibly hijacking your website. (Props Jon Cave)<\/li>\n<\/ul>\n\n<h4>1.3.1<\/h4>\n\n<ul>\n<li>Added the ability to change the login URL entirely. It will disable \/wp-login.php and give it whatever you want to make it.<\/li>\n<\/ul>\n\n<h4>1.4<\/h4>\n\n<ul>\n<li>Fixed a bug with user's with a index.php base<\/li>\n<li>Added stats for us to collect about about URL setup and server configuration for our users. This will let us make the plugin even better.<\/li>\n<li>Fixed bug for having private user management in WP Admin<\/li>\n<\/ul>\n\n<h4>1.4.2<\/h4>\n\n<ul>\n<li>Bug fixes<\/li>\n<li>Added <code>admin-ajax.php<\/code> to the files that we permit to be access in wp-admin.<\/li>\n<\/ul>\n\n<h4>1.6<\/h4>\n\n<ul>\n<li>Added way to get back into WP-ADMIN if locked out (See the FAQ)<\/li>\n<\/ul>\n\n<h4>1.7<\/h4>\n\n<ul>\n<li>Removed the stats that were collected to that we could understand the issues that users were having with the plugin.<\/li>\n<\/ul>\n\n<h4>1.8<\/h4>\n\n<ul>\n<li>Finally discovered why so many users had HTTP authentication errors. Fixed it to support almost 80% of hosts out there.<\/li>\n<li>If you still have problems, shoot me an email.<\/li>\n<\/ul>\n\n<h4>1.9<\/h4>\n\n<p>A very late update, sorry! Worked to fix many issues with the admin bar and the \"get_current_screen()\" error. If you still see issues, please contact me!<\/p>\n\n<h4>2.0<\/h4>\n\n<ul>\n<li>Provided a system dump to help in debugging issues that may arise.<\/li>\n<li>Fixes a issues on the 404 page under 3.5.1 (<code>get_current_screen()<\/code>)<\/li>\n<li>Cleanup, cleanup!<\/li>\n<\/ul>\n\n<h4>2.0.1<\/h4>\n\n<ul>\n<li>Bug fix by <a href=\"https:\/\/github.com\/michal-krause\">Michal Krause<\/a><\/li>\n<\/ul>\n\n<h4>2.0.2<\/h4>\n\n<ul>\n<li>Query string detection bug fix by <a href=\"http:\/\/wordpress.org\/support\/profile\/jamesbonham\">James Bonham<\/a><\/li>\n<li>Issues with WordPress in a sub-directory<\/li>\n<\/ul>\n\n<h4>2.1<\/h4>\n\n<ul>\n<li>Unit Testing! Unit Testing ensure more reliable code going forward<\/li>\n<li>Support for WordPress 3.6<\/li>\n<li>General Cleaning<\/li>\n<\/ul>\n\n<h4>2.2<\/h4>\n\n<ul>\n<li>Fixing issues with other plugins<\/li>\n<li>Support tested for 3.9<\/li>\n<li>Large code structure changes. If you are extending the <code>Lockdown_Manager<\/code> at all, you should basically check the class anew since it was separated into Admin and Application services.<\/li>\n<\/ul>\n\n<h4>2.3<\/h4>\n\n<ul>\n<li>Fixing issues with latests WordPress Version<\/li>\n<li>Cleaning of code, enhancements.<\/li>\n<li>Localizing all the strings.<\/li>\n<\/ul>","raw_excerpt":"Lockdown WP Admin conceals the administration and login screen from intruders. It can hide WordPress Admin (\/wp-admin\/) and and login (\/wp-login.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=550"}],"author":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/sean212"}],"wp:attachment":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=550"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=550"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=550"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=550"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=550"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}