Custom Security Configurations


This plugin provides a number of custom configuration settings to increase security for sites, including login security, brute force attack protection, and preventing access to certain functionality.

  • Add custom admin login CSS to hide the Lost Password and Register links — Added 2.0.0
  • Redirect your author archive link to your “About” page — Added 1.6.0
  • Prevent access to functions.php — Added 1.2.0
  • Remove junk from head — Included since 1.0.0
  • Obscure login screen error messages — Added 1.1.0
  • Remove ability to post by email — Added 1.1.0
  • Protect against the Brute Force Amplification Attack — Added 2.1.0, Updated 2.2.0
  • Remove developer generated comments from HTML — Added 3.1.0
  • Remove “Remember Me” Checkbox from WordPress Login Page — Added 3.2.0
  • Stop WordPress from modifying .htaccess permalink rules — Added 3.4.0
  • Remove weak password option — Added 3.4.0
  • Remove weak password acceptance — Added 3.4.0
  • Disable FLoC — Added 3.6.0

Plugin Name: Custom Security Configurations
Current Version: 3.6.3
Last Updated: July 21, 2021
Tested Up To: 5.8


Manual Upload via WordPress Admin

If you have a copy of the plugin as a zip file, you can manually upload it and install it through the Plugins admin screen.

  1. Navigate to Plugins > Add New.
  2. Click the Upload Plugin button at the top of the screen.
  3. Select the zip file from your local filesystem.
  4. Click the Install Now button.
  5. When installation is complete, you’ll see “Plugin installed successfully.” Click the Activate Plugin button at the bottom of the page.

Manual Plugin Installation

In rare cases, you may need to install a plugin by manually transferring the files onto the server. This is recommended only when absolutely necessary, for example when your server is not configured to allow automatic installations.

This procedure requires you to be familiar with the process of transferring files using an SFTP client.

Warning: this process may put your site at risk if you install a WordPress plugin incompatible with the current version or from an unreliable source. Back up your site completely before proceeding.

  1. If your plugin is in the form of a zip file, unzip the contents. You should see a single folder named after the plugin.
  2. Look in the plugin folder for a readme.txt file. Read the file to confirm that this is the correct plugin, and to look for any special instructions.
  3. Connect to your WordPress server with your SFTP client.
  4. Copy the plugin folder to the wp-content/plugins folder in your WordPress directory. This installs the plugin to your WordPress site.
  5. Navigate to your Plugins admin screen and locate the newly uploaded plugin in the list.
  6. Click the plugin’s “Activate” link.
  7. If there is one, click the plugin’s “View details” link to learn more about the plugin.

Must-Use Plugins

You can install this plugin as must-use. Must-use plugins can’t be deactivated using the Plugins screen.

WordPress loads these plugins before normal plugins, which means that code and hooked functions registered in a must-use plugin can be assumed available to all other plugins.

Refund Policy

We stand behind our plugin’s quality and your satisfaction with it is important to us. However, because it’s a digital good, delivered via download, we generally offer no refunds.

If you change your mind about your purchase and have not yet downloaded our plugin, we will happily issue a full refund upon your request over the next 14 days.

Refund requests made after downloading the plugin are handled on a case by case basis and are issued at our sole discretion. Refund requests, if any, must be made within 14 days of your original purchase.

You may also like…