DozWPSecure

A basic security plugin for WordPress 4.x, 5.0 or higher. You can selectively disable unused features in WordPress core, and this plugin will help you to remove unnecessary information to be disclosed to attackers. You can find more details in the User Manual. Basic WP Security Hardening:

• Remove WP Version Details
• Disable XMLRPC
• Disable Pingback
• Disable Windows Live Writer
• Disable RSS Feeds
• Disable JSON & REST API
• Enable Security Headers (X-Frame-Options, X-XSS-Protection, X-Content-Type-Options)
• Remove PHP Version Header Optional Settings:
• Remove HTML Comment Tags
• Trim HTML Response Custom Login URL:
• Customize Login URL
• Customize Login Logo URL
• Enforce HTTPS Login

Step by step guide for installation from WordPress Admin Dashboard:

1. Go to Plugins > Add New.
2. Search for "DozWPSecure" after clicking on "Add New" button.
3. Install the plugin.
4. Activate it right away. Step by step guide for installation from WordPress.org: After downloading the DozWPSecure zip file,
5. Log in to the WordPress administrator panel (wp-admin).
6. Go to Plugins > Add New > Upload Plugin.
7. Click "Choose File" and select the downloaded zip file.
8. Click "Install Now" button.
9. Click "Activate Plugin" button for activating the DozWPSecure plugin. Installation guide and user manual can be found at https://www.dozty.net/dozwpsecure-user-manual/