XO Security

XO Security is a plugin to enhance login related security. This plugin does not write to .htaccess file. Besides Apache, LiteSpeed, Nginx and IIS also work.

Functions

• Record login log.
• Limit login attempts.
• Add Captcha to the login form and comment form.
• Change the URL of the login page.
• Enable two-factor authentication (2FA) for login.
• Login Alert.
• Disable login by mail address.
• Disable login by user name.
• Change login error message.
• Disable XML-RPC and XML-RPC Pingback.
• Disable REST API.
• Disable author archive page.
• Remove comment author class of comments list.
• Remove the username from the oEmbed response data.
• WooCommerce login page protection.
• Anti-spam comment.
• Hide WordPress version information.
• Edit the author slug.
• Disable RSS and Atom feeds.
• Activate maintenance mode.
• Delete the readme.html file.

WordPress multisite considerations

If you set the login page separately for the main site and the subsite, you will not be able to use the password loss function of the subsite. We recommend that you set the login page to be common to all sites.