LevelNetwork Custom Login Protector

Complete Documentation v1.2.4

Description	Protects the site by changing the login URL, blocking default access points, and allowing visual customization of the page.
Version	1.2.4
Author	Level Network
Minimum Requirements	WordPress 5.4+, PHP 7.2+

1. Introduction

LevelNetwork Custom Login Protector is a WordPress plugin designed to improve your site's security through the principle of "security through obscurity" while simultaneously offering advanced tools for aesthetic customization of the login page.

The plugin dynamically intercepts requests without modifying WordPress core files or requiring complex .htaccess rules, making configuration simple and reversible.

2. Key Features

2.1 Security Features

• Modify Login URL: Allows you to set a custom path (e.g., yoursite.com/secret-access) replacing the classic wp-login.php, making it difficult for bots to find the login form.
• Block Default Access: Prevents direct access to the standard wp-login.php page for non-logged-in users.
• wp-admin Protection: Blocks access to the /wp-admin/ directory for unauthenticated users (managing necessary exceptions like admin-ajax.php).
• Custom Redirection: Allows you to define where to redirect users who attempt to access blocked pages (e.g., to the homepage or a 404 page).

2.2 Visual Customization Features

• Predefined Layouts: Includes several ready-to-use graphic layouts (Modal, Dark Mode, Full Background, Minimalist, etc.) selectable with one click, in addition to the standard WordPress style.
• Custom Logo: Allows you to upload and use your own logo instead of the WordPress one on the login page.
• Custom CSS: Offers a dedicated field to enter additional CSS rules for total control over the page's appearance.

3. Installation and Initial Configuration

1. Upload the plugin folder to the /wp-content/plugins/ directory or install it via the dashboard (Plugins > Add New).
2. Activate the plugin.
3. Navigate to Settings > Login Protector in the admin menu to access the configuration.

4. Usage Guide

The settings page is divided into two main sections.

4.1 URL Configuration

This section manages security aspects.

• Login URL: Enter the desired "slug" for your new login page (e.g., restricted-area). Use only lowercase letters, numbers, and hyphens.
  • Note: Avoid reserved names like "login", "admin", "dashboard". If left empty, protection is disabled.
• Redirection URL: Enter the relative path (e.g., 404) where blocked access attempts should be redirected. If empty, it redirects to the homepage.

4.2 Login Page Customization

This section manages the aesthetics.

• Select Layout: Choose a visual layout from those proposed. Clicking on a thumbnail selects the layout and displays a blue confirmation border. The "WordPress Default" option maintains the standard style.
• Login Logo: Click "Upload or Select Logo" to use the WordPress Media Library and choose an image. A preview will appear.
• Custom CSS: Enter CSS code to override the styles of the chosen layout or the core.

5. Best Practices and Troubleshooting

5.1 How to change the background image of a layout

Some layouts (e.g., Layout 3, 6, 7, 9) use a default background image. You can easily change it via the Custom CSS field.

1. Upload your image to Media > Add New and copy its full URL.
2. In the Login Protector settings, insert code similar to the following in the CSS field (adapting the layout class and URL):

/* Example for Layout 3 (Full Background) */
body.login.lnclp-layout-layout3 {
    background-image: url('YOUR_IMAGE_URL') !important;
    background-size: cover !important;
    background-position: center center !important;
}

Replace .lnclp-layout-layout3 with the correct class if you use another layout (e.g., .lnclp-layout-layout6, etc.). Using !important is recommended to ensure the override.

5.2 "Page not found" (404) after configuration

If you receive a 404 error when trying to access the URL after setting it:

1. Verify that you have saved the Permalinks (see section 3).
2. Ensure that the mod_rewrite module is enabled on your Apache server and that the directives in the .htaccess file are writable by WordPress.

5.3 What to do if you forget the login URL

If you can no longer access the site because you forgot the custom URL:

1. Access the server via FTP or the File Manager of your hosting.
2. Navigate to /wp-content/plugins/.
3. Rename the plugin folder levelnetwork-custom-login-protector to something else (e.g., levelnetwork-custom-login-protector-DELETED).
4. This will deactivate the plugin and restore standard access via wp-login.php.
5. Once logged in, rename the folder back to its original name and check the settings.

6. Recent Changelog

• 1.2.4
  • UI/UX: Completely redesigned the Admin Settings page with a modern, responsive two-column layout.
  • UI/UX: Improved the Layout Selector with a better visual grid and clearer active states.
  • Enhancement: Added a new sidebar with quick links to Documentation, Developer resources, and community support.
  • Enhancement: Moved admin inline styles to a dedicated CSS file (lnclp-admin-settings.css) for better performance and cleaner code.
  • Maintenance: Renamed the main plugin file and the .pot translation file to strictly align with WordPress.org directory slug requirements.
• 1.2.3
  • Enhancement: Rebranded to "LevelNetwork Custom Login Protector" to comply with WordPress.org directory guidelines.
  • Enhancement: Updated text domains to levelnetwork-custom-login-protector and all internal prefixes to LNCLP_ or lnclp_.
  • Enhancement: Removed deprecated load_plugin_textdomain logic, leveraging native WordPress translation loading.
  • Fix: Addressed PHP_CodeSniffer (WPCS) warnings regarding nonce verification on whitelisted actions.
  • Fix: Corrected translator comments formatting for localized strings containing placeholders.
• 1.2.2: Fix for PHP warnings, CSS preview alignment correction, JS refactoring.
• 1.2.1: UI simplification (removed 'Enable Alt Layout' checkbox).
• 1.2.0: Introduced 'Select Layout' functionality with visual previews.