=== 24TT Login Security and Brander ===
Contributors: 24techtime, johniouspatriot
Tags: security, hide login, custom login, brute force, white label
Requires at least: 5.8
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 1.0.2
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Agency-level visual branding alongside critical perimeter defense, login obfuscation, and strict access controls.

== Description ==

**24TT Login Security and Brander** is an enterprise-grade, zero-bloat security and white-labeling solution for WordPress. Designed for agencies and security-conscious site owners, it fortifies your WordPress perimeter while delivering a seamless, custom-branded login experience for your clients.

Instead of relying on heavy frameworks, this plugin uses native WordPress APIs and strictly optimized PHP to protect your site without slowing it down. 

### 🛡️ Enterprise Perimeter Defense
* **Hide wp-login.php & /wp-admin/:** Completely obfuscate your login portal. Bots and unauthenticated guests attempting to access default login routes are silently redirected to your homepage before core authentication redirects even trigger.
* **Brute Force Protection:** Transient-based Limit Login Attempts. Locks out attackers for 15 minutes after 3 failed attempts, intercepting them at Priority 1 before heavy database queries execute.
* **Kill XML-RPC:** Permanently disables XML-RPC to shut down massive DDoS and brute-force vectors.
* **Block User Enumeration:** Prevents hackers from scraping usernames via author archives (`/?author=1`) and the REST API.
* **Generic Error Masking:** Overwrites default login errors so attackers cannot verify if a username exists.

### 🎨 Agency-Grade Brander
* **Custom Login Logo:** Replace the default WordPress logo with your client's brand.
* **Custom Colors:** Tailor the background and primary button colors using the native WordPress Color Picker.
* **Smart Contrast Calculator:** Automatically detects if your background is light or dark (using the YIQ formula), adjusting the "Lost Password" and "Back to Site" links to guarantee 100% visual accessibility.
* **Role-Based Redirects:** Automatically route administrators to the backend dashboard, while sending clients or subscribers to a custom URL (like a user portal).

== Installation ==

1. Upload the `24tt-login-security-and-brander` directory to the `/wp-content/plugins/` directory via FTP, or upload the zipped file directly through the WordPress plugins screen.
2. Activate the plugin through the 'Plugins' menu in WordPress.
3. Navigate to **Settings > 24TT Security** to configure your secret login slug, branding colors, and client redirects.
4. **Important:** If you set a custom login slug, remember it! You will need it to log back in.

== Frequently Asked Questions ==

= I forgot my secret login slug and am locked out! What do I do? =
Simply access your site via FTP or a File Manager. Navigate to `/wp-content/plugins/` and temporarily rename the `24tt-login-security-and-brander` folder to something else (e.g., `disabled-24tt`). This will safely deactivate the plugin, and you can log in normally via `wp-login.php`. Once logged in, rename the folder back, reactivate the plugin, and check your settings.

= Will this slow down my website? =
Absolutely not. The admin settings interface only loads in the backend, and the security rules are designed to intercept attacks at the earliest possible hook (`init` and `authenticate`), saving your server from processing heavy WordPress database queries.

== Screenshots ==

1. The Visual Branding & User Interface (UI) settings panel.
2. The Perimeter Defense & Routing configuration.
3. A fully white-labeled, secure login portal with dynamic contrast text.

== Changelog ==
= 1.0.2 =
* Minor version bump for repository resubmission.
= 1.0.1 =
* Minor version bump for repository resubmission.
= 1.0.0 =
* Initial Release: The fortress is sealed.