=== Custom Login Protector ===
Contributors:      sonofgod
Donate link:       https://www.paypal.com/donate?hosted_button_id=U4J5DYNJ4ZBEQ
Tags:              login customize, security, protect, admin, hide login
Requires at least: 5.0
Tested up to:      6.9.4
Requires PHP:      7.0
Stable tag:        1.2.2
License:           GPLv2 or later
License URI:       https://www.gnu.org/licenses/gpl-2.0.html

Protect your WordPress login by changing its URL, blocking defaults, and customizing its appearance with layouts, a custom logo, and CSS.

== Description ==

Custom Login Protector enhances your WordPress site's security through obscurity and allows deep visual customization of the login experience. It allows you to easily change the URL of your login form and prevents direct access to default login pages when not logged in. Additionally, you can personalize the entire look and feel of your login screen.

**Key Security Features:**

*   **Change Login URL:** Set a custom path (e.g., `yoursite.com/secret-access`) for your login page, making it harder for bots to find.
*   **Block Default Access:** Prevents direct access to the standard `wp-login.php` page.
*   **Protect wp-admin:** Blocks access to the `/wp-admin/` directory for users who are not logged in (allows necessary exceptions like admin-ajax.php and admin-post.php).
*   **Custom Redirection:** Define a specific path (relative to your site's URL) where users attempting to access the blocked default pages will be redirected (defaults to the homepage).

**Key Customization Features:**

*   **Selectable Layouts:** Choose your preferred login page appearance directly from several built-in layouts (including the "WordPress Default" style, Card Header, Dark Mode, Full Background, etc.) with previews in the settings.
*   **Custom Login Logo:** Easily upload your own logo to replace the default WordPress logo on the login screen.
*   **Custom CSS:** Add your own CSS rules for fine-grained control over the login page's appearance.

**How it Works:**

The plugin works by intercepting requests and filtering WordPress URLs dynamically. It **does not** rename or modify WordPress core files and does not require `.htaccess` rewrite rules (though properly configured permalinks are necessary for custom URLs to work). Deactivating the plugin instantly restores the default WordPress login behavior.

Configure everything easily via the **Settings > Login Protector** menu in your WordPress dashboard.

== Installation ==

1.  Upload the `custom-login-protector` folder to the `/wp-content/plugins/` directory via FTP or use the "Add New" plugin uploader in WordPress.
2.  Activate the plugin through the 'Plugins' menu in WordPress.
3.  Go to **Settings > Login Protector**.
4.  **URL Configuration:**
    *   Enter your desired path in the **Login URL** field (e.g., `secret-access`).
    *   Optionally, enter a path in the **Redirection URL** field (e.g., `404`) for blocked attempts. Leave empty to redirect to the homepage.
5.  **Login Page Customization:**
    *   Choose your preferred layout from the **Select Layout** options. Selecting "WordPress Default" uses the standard look.
    *   Upload or select your **Login Logo**.
    *   Add any specific styling rules in the **Custom CSS** box.
6.  Click **Save Settings**.
7.  **IMPORTANT:** Go to **Settings > Permalinks** and click **Save Changes** (without changing anything) to ensure your web server recognizes the new login URL structure.
8.  **CRITICAL:** Bookmark your new login URL (e.g., `yoursite.com/secret-access`). You will NOT be able to access `wp-login.php` directly anymore.

== Frequently Asked Questions ==

= What happens if I forget my custom login URL? =

If you forget the URL, you'll need to temporarily disable the plugin to regain access via the standard `wp-login.php`. You can do this by renaming the plugin's folder (e.g., `custom-login-protector-disabled`) via FTP or your hosting control panel's File Manager, located in `/wp-content/plugins/`. Once logged in, you can rename the folder back and check the settings or change the slug. Remember to save Permalinks again after re-enabling.

= Why do I get a "Not Found" error after setting the login URL? =

This usually means WordPress's rewrite rules haven't been updated. Go to **Settings > Permalinks** in your WordPress admin area and simply click the **Save Changes** button. Also, ensure your web server (Apache/Nginx) has `mod_rewrite` enabled and configured to allow `.htaccess` overrides (typically `AllowOverride All` for Apache in MAMP/local environments).

= Does this plugin rename any files or add rewrite rules itself? =

No. It works by intercepting page requests and filtering WordPress URLs dynamically using WordPress hooks. It relies on WordPress's own rewrite system (managed via Settings > Permalinks) to handle the custom URL.

= How do the customization options interact? =

The CSS for the **Select Layout** option you choose is loaded first (unless "WordPress Default" is selected). Then, your custom logo styling is applied. Finally, any CSS you add in the "Custom CSS" box is loaded last, allowing it to override both the layout and logo styles.

= How do I change the background image for specific layouts (like Full Background, Geometric Overlay, etc.)? =

While there isn't a separate upload field for each layout's background, you can easily override the default background using the **Custom CSS** field found under **Settings > Login Protector > Login Page Customization**.

1.  **Upload your image:** Go to **Media > Add New** in your WordPress dashboard and upload the background image you want to use. After uploading, click "Edit" on the image and copy its **File URL**.
2.  **Add Custom CSS:** Go back to the **Login Protector** settings. In the **Custom CSS** text area, add code similar to this example, replacing the layout number and the URL:

    ```css
    /* Example for Layout 3 (Full Background) */
    body.login.clp-layout-layout3 {
        background-image: url('https://yoursite.com/wp-content/uploads/your-image.jpg') !important;
        background-size: cover !important;
        background-position: center center !important;
        background-repeat: no-repeat !important;
    }
    ```
3.  **Target the Correct Layout:** Make sure you use the correct body class for the layout you want to change (e.g., `.clp-layout-layout3`, `.clp-layout-layout6`, etc.).
4.  **Use `!important`:** Adding `!important` after each CSS rule helps ensure your custom style overrides the default styles provided by the selected layout.
5.  **Save Settings:** Click **Save Settings** in the Login Protector page.

= Is this compatible with Multisite? =

Basic compatibility for URL filtering is included. Login page customization should apply per-site if activated network-wide, but thorough testing in specific Multisite configurations is recommended.

= What happens when I deactivate the plugin? =

Your site immediately reverts to using the default `wp-login.php` URL and the standard login page appearance. Your settings are preserved in the database unless you modify the deactivation code. Remember to save Permalinks after deactivating if you had a custom URL set.

= Will this conflict with other security or login-related plugins? =

It might conflict with plugins that also modify the login URL, redirect login/admin access, or heavily customize login styles. Test compatibility carefully.

== Screenshots ==

1.  The settings page: URL Configuration section.
2.  The settings page: Login Page Customization section showing layout selector, logo uploader, and CSS input.
3.  Example preview of the "Header" login layout.
4.  Example preview of the "Dark Centered" login layout.
5.  Example preview of the "Animated Gradient" login layout.
6.  Example of the login page with a custom logo and custom CSS applied.

== Changelog ==

= 1.2.2 =
* Fix: Prevent PHP warning for missing version in wp_register_style by using defined plugin version constant.
* Fix: Corrected CSS for layout previews alignment in admin settings.
* Maintenance: Refactored admin JavaScript for media uploader initialization.

= 1.2.1 =
* Enhancement: Removed redundant 'Enable Alternative Layout' checkbox. Layout selection now directly controls the base style, including 'WordPress Default'.
* Enhancement: Simplified settings UI and related JavaScript logic.
* Maintenance: Updated version number.

= 1.2.0 =
* Feature: Added 'Select Layout' option with visual previews for pre-defined login page styles.
* Feature: Added CSS files for each pre-defined layout.
* Enhancement: Added layout-specific body class (`clp-layout-*`).
* Fix: Corrected `load_plugin_textdomain` function call.

= 1.1.0 =
* Feature: Added Login Page Customization section (Logo Upload, Custom CSS).
* Feature: Updated settings UI to show site URL prefix.
* Enhancement: Changed redirect setting to relative path/slug.
* Enhancement: Added JS for Media Uploader.
* Enhancement: Added activation/deactivation hooks for rewrite rules.

= 1.0.0 =
* Initial release.
* Feature: Change login URL slug.
* Feature: Block direct access to wp-login.php and wp-admin.
* Feature: Custom redirection URL.

== Upgrade Notice ==

= 1.2.2 =
This version includes fixes for admin UI and PHP warnings.

= 1.2.1 =
The settings UI has been simplified by removing the 'Enable Alternative Layout' checkbox. Simply select your desired layout, including 'WordPress Default', from the list.