Authica

Authica™ is a WordPress login security and login customization plugin built for site owners, agencies, and developers who want a safer, more professional login experience. Use Authica to customize the WordPress login page, protect login forms with Cloudflare Turnstile, add two-factor authentication, reduce brute force attacks, hide or rename wp-login.php, manage login redirects, restrict login access by IP, and monitor login activity with security logs and reports. Instead of using separate plugins for login branding, CAPTCHA, 2FA, brute force protection, login redirects, hide login, and activity logs, Authica brings these features together in one polished WordPress admin experience. Highlights: WordPress Login Customization Customize the default WordPress login page with your own logo, background, colors, overlays, typography, Google Fonts, welcome messages, error messages, and responsive layout controls. Cloudflare Turnstile Bot Protection Protect WordPress login, registration, and password reset forms with privacy-focused Cloudflare Turnstile verification. Two-Factor Authentication for WordPress Add app-based TOTP two-factor authentication to improve account security for administrators, users, and client sites. Hide or Rename wp-login.php Move the default WordPress login URL away from automated bot targets and reduce noise from common brute force attempts. Brute Force Protection Limit repeated failed login attempts and help protect accounts from password guessing and credential stuffing attacks. Web Application Firewall Inspect incoming requests for suspicious patterns such as SQL injection, cross-site scripting, path traversal, remote code execution, sensitive file probes, scanner traffic, and known malicious user-agents. IP Restriction Create allow, deny, and stealth access rules for login protection based on IP addresses or IP ranges. Login Activity Logs and Security Reports Monitor login attempts, blocked events, user activity, countries, IP addresses, and suspicious login behavior from the Authica dashboard. Login and Logout Redirect Rules Send users to the correct page after login or logout with simple redirect controls and role-based flows. Email Verification Require users to confirm their email address before signing in, helping reduce fake accounts, spam registrations, and bot-created users. Modern Authica Admin UI Manage login security and login branding from a polished, consistent WordPress admin interface built for agencies and serious site owners. Authica Free includes full visual branding tools plus core security features. Upgrade to Authica Pro for advanced controls and premium protections. Learn more: https://authica.net

1. Upload the authica folder to /wp-content/plugins/
2. Activate the plugin via Plugins → Installed Plugins
3. Go to Authica → Form Appearance to customize your login form
4. Configure other features as needed

For complete documentation, visit: https://authica.net/documentation

3.3.1 Released: 2026-05-23

• Improved Appearance Customizer transition by preventing empty sidebar flashes and synchronizing Authica, WordPress admin sidebar, and top bar fade animations.
• Fixed unwanted white outline boxes appearing around login form text elements in the Customizer live preview when changing Form Text font settings.
• Fixed IP Restriction table alignment so country codes and IP/CIDR values stay vertically aligned in Allow, Deny, and Stealth 404 lists under newer WordPress admin styles.
• General improvements and bug fixes.

3.3.0 Released: 2026-05-21

• Added Web Application Firewall (WAF) with configurable firewall rules, sensitivity/mode controls, exclusions, block responses, WAF statistics, Recent Activity / Security Reports integration, alert support, and optional IP Restriction deny-list escalation.
• Added Security Checkup with a login protection score, setup progress, grouped security recommendations, status-based scoring, dashboard summary card, and guidance for improving Authica protection coverage.
• General improvements and bug fixes.

3.2.4 Released: 2026-05-06

• Fixed PHP debug warnings on Appearance/Customizer screens caused by stale or orphaned Authica preview page menu references.
• Fixed expected AJAX login failures returning HTTP 401; invalid username/password and verification errors now return a normal JSON error response so Authica can show the message without browser console noise.

3.2.3 Released: 2026-05-06

• Fixed Google Fonts enable/disable behavior in the Customizer so all font family dropdowns update instantly without requiring a manual refresh.
• Standardized Customizer font family dropdown sources so Form Inputs and Form Buttons now use the same font groups and labels as the rest of the login form font controls.
• Improved Customizer Google Fonts UI rendering so long font lists and preview areas display correctly and use the available panel space.
• Added a new CSS Background option in the login Customizer with 30 preset CSS background effects, custom CSS background support, live preview updates and opacity control.
• Fixed Customizer/login message positioning so messages now consistently align with the live form height after layout, font, and field changes.
• Added new Follow Form message style.
• General improvements and bug fixes.

3.2.2 Released: 2026-04-29

• Added a Manually Verify User action to the Email Verification → Unverified Users hamburger menu [PRO].
• Added contextual Documentation buttons across Authica admin pages.
• Fixed IP Restriction AJAX handling so blocked login attempts return the configured block message instead of a generic “Something went wrong” error when Admin area (wp-admin) enforcement is enabled [PRO].
• General improvements and bug fixes.

3.2.1 Released: 2026-04-23

• Fix Backup page width.
• CSS fixes on Linux Firefox and Chrome.
• General improvements and bug fixes.

3.2.0 Released: 2026-04-15

• Added Activity Reports widget to the Dashboard [PRO].
• Changed “Soft Block” button text to “404 Block” in the Activity table [PRO].
• Customizer: replaced Form Inputs → Input Dimensions single Corner Radius control with per-corner radius controls.
• Customizer: replaced Form Button → Button Dimensions single Corner Radius control with per-corner button radius controls.
• Updated Social Login buttons to follow the Form Button per-corner radius values.
• General improvements and bug fixes.

3.1.0 Released: 2026-04-10

• Added Security Reports widget to the Dashboard with live donut charts [PRO].
• Added 14-day free Pro trial for the Single Site plan.
• General improvements and bug fixes.

3.0.0 Released: 2026-04-06

• Introduced the all-new Authica UI across the plugin, with a unified design system, shared UI library, improved consistency, and a more polished admin experience.
• General improvements and bug fixes.

2.4.5 Released: 2026-03-16

• Fixed Logging & Alerts not showing in Free version.

2.4.4 Released: 2026-03-16

• Removed Logging & Alerts from the left WordPress admin menu.
• CSS admin fixes.
• General improvements and bug fixes.

2.4.3 Released: 2026-03-15

• Moved the Turnstile widget placeholder above the Captcha Size slider.
• Redesigned the Logging & Alerts area, improved Recent Activity filtering, new Reports and Exports tabs, cleaner table/layout styling, and full Backup & Restore support.
• General improvements and bug fixes.

2.4.2 Released: 2026-03-12

• Fixed hamburger menu loading on Email Verification and Magic Links admin pages.
• General improvements and bug fixes.

2.4.1 Released: 2026-03-12

• Fixed welcome/error messages position in some cases.
• Added dashboard notes with multi-tab support.
• Admin CSS fixes.
• General improvements and bug fixes.

2.4.0 Released: 2026-03-10

• Added Magic Login module with per-user passwordless links, policy/expiry controls, and dashboard status [PRO].
• Added the new Passkey module with support for passwordless sign-in and enrolled user/device tracking [PRO].
• Added password visibility toggle to the Register form using the eye icon.
• Fixed Social login buttons are now disabled until CAPTCHA/Turnstile is successfully solved (same behavior as the Login button) [PRO].
• General improvements and bug fixes.

2.3.2 Released: 2026-03-02

• Added Messages Font controls (Font Family, Text Color, Font Size slider) for Authica welcome/error messages.
• Added Messages Background controls (Background Color, Border Color, Border Size slider, Border Opacity slider).
• Added Overlay Border section to Form Style (Border Color, Border Size slider, Border Opacity slider).
• Added in Minimal message style, “Background Color” now controls shadow color (Minimal remains font + shadow only).
• Added Title Text Line Height control (slider) for finer spacing and readability.
• Added independent Form Overlay corner-radius controls (Top Left/Top Right/Bottom Right/Bottom Left) with live preview support.
• Fixed and unified Customizer font dropdown lists for more consistent display and behavior.
• Fixed: Input border thickness no longer resets in live preview when typing or changing border colors.
• Enforced stronger password rules (minimum length + strength checks) and blocked reusing the current password during password changes/resets.
• General improvements and bug fixes.

2.3.1 Released: 2026-02-25

• Added Author Slug options in Users/Profile [PRO].
• Added Authica WordPress Dashboard Security Overview Widget [PRO].
• Added Country code before IP address in Recent Activity [PRO].
• Added Hardening tab in Brute Force Protection with XML-RPC hardening controls [PRO].
• Authica login form CSS fixes.
• Fixed login button radius in some cases/themes.
• Improved Turnstile Analytics “Check” button: you can now test Cloudflare Analytics credentials before enabling and saving the feature.
• General improvements and bug fixes.

2.3.0 Released: 2026-02-19

• Added Social Login.
• General improvements and bug fixes.

2.2.2 Released: 2026-02-11

• Removed Authica preview page from navigation menu.

2.2.1 Released: 2026-02-10

• Improved: Prevented the Authica preview page from affecting WordPress page selectors (including Settings → Reading static homepage selection) on some setups
• General improvements and bug fixes.

2.2.0 Released: 2026-02-08

• Added Geo Access Control (Local / Cloudflare modes) [PRO].
• CSS fixes for small screen devices.
• General improvements and bug fixes.

2.1.1 Released: 2026-01-23

• Improved Recent Activity log readability [PRO].
• Fixed Logout Redirect always returning to the login page [PRO].
• Fixed Emergency Lockout card showing wrong info [PRO].
• General improvements and bug fixes.

2.1.0 Released: 2026-01-19

• Improved logging table installation/repair logic [PRO].
• Added Username Protection: decoy-username detection that sends the IP to Stealth 404 after a single failed login attempt [PRO].
• General improvements and bug fixes.

2.0.1 Released: 2026-01-14

• Fixed tab links and back button on Brute Force page.

2.0.0 Released: 2026-01-14

• New SaaS-style admin interface.
• Functionality and behavior changes.
• Fixed Brute Stealth 404 list cleaning time [PRO].
• General improvements and bug fixes.

1.5.0 Released: 2026-01-04

• Fixed loading intervals for Turnstile Analytics (GraphQL) [PRO].
• General improvements and bug fixes.

1.4.1 Released: 2025-12-30

• Added Turnstile Analytics (GraphQL) [PRO].
• General improvements and bug fixes.

1.4.0 Released: 2025-12-24

• Allow user to login only from specific IPs [PRO].
• Added Emergency Lockout [PRO].
• General improvements and bug fixes.

1.3.2 Released: 2025-12-17

• Fixed date/time in Logging & Alerts [PRO].
• Added more Google fonts.
• General improvements and bug fixes.

1.3.1 Released: 2025-12-14

• Added Stealth 404 protection [PRO].
• Added Auto-expire brute-force blocks [PRO].
• Added reset for Brute Force and Stealth 404 counters [PRO].
• Fixed date/time for deny list to follow WP date/time [PRO].
• General improvements and bug fixes.

1.3.0 Released: 2025-12-10

• Added Two-factor authentication (TOTP) [PRO].
• Smooth up animations with different classes
• General improvements and bug fixes.

1.2.1 Released: 2025-12-07

• Added Brute Force Protection [PRO].
• Upgraded Logging to show Brute Force actions [PRO].
• General improvements and bug fixes.

1.2.0 Released: 2025-12-05

• Added IP restriction rules [PRO].
• Added Logging & Alerts [PRO].
• General improvements and bug fixes.

1.1.3 Released: 2025-12-02

• Fixed some fonts not showing properly in customizer and mobile.
• Tested on WordPress 6.9
• General improvements and bug fixes.

1.1.2 Released: 2025-11-12

• Freemius WordPress SDK 2.13.0
• Fixed register and lost password forms title text not updating in live preview.
• Fixed login form opacity error on publish.
• General improvements and bug fixes.

1.1.1 Released: 2025-11-12

• Fixed form width on initial show in customizer.
• General improvements and bug fixes.

1.1.0 Released: 2025-11-10

• Update: Bundled Chart.js to v4.5.1 (MIT).
• Dev: Included Chart.js LICENSE with vendor files.
• Redirect Rules after login / Logout [PRO].
• General improvements.

1.0.5 Released: 2025-10-29

• Added Hide direct access to wp-login.php [PRO].
• Added Custom slug for login page [PRO].
• Fixed some bugs with restore.
• General improvements.

1.0.4 Released: 2025-10-06

• Freemius fix with free version.

1.0.3 Released: 2025-10-06

• Registration verification links are now short and encrypted by default [PRO].
• Fixed consistent gap on Captcha [PRO].
• General improvements.

1.0.2 Released: 2025-10-04

• Form can be now moved horizontally.
• Fixed duplicated Logo in some cases.
• General improvements.

1.0.1 Released: 2025-10-02

• Optimized AJAX login.
• Fixed Login form size on mobile for some themes.
• General improvements.

1.0.0 Released: 2025-10-01

• Initial release with branded login, email verification and Turnstile captcha.