=== WPGreeks Securities ===

Contributors: prashant4, wpgreekspro, wpgreeks
Tags: security, login security, custom login url, hide login, admin ui
Requires at least: 6.9
Tested up to: 7.0
Requires PHP: 8.0
Stable tag: 1.4.0
License: GPL-2.0+
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Secure your WordPress admin area with custom login URLs, login protection, and a modern dashboard sidebar UI.

== Description ==

WPGreeks Securities provides a lightweight admin companion framework built strictly for performance, customization, and file environment hardening. This utility suite uses absolute native WordPress core loops and capability hooks to run adjustments cleanly without running risky runtime scripts or database modifications.

Built using native WordPress APIs and coding standards, the plugin focuses on performance, security, and ease of use without modifying core files.

= Features =

* Secure Login URL customization
* Hide the default wp-login.php access point
* Protection against common automated login attacks
* Modern Dashboard Sidebar UI enhancement
* Lightweight and performance-friendly architecture
* Native WordPress Settings API integration
* Secure option handling and validation
* WordPress coding standards compliant

= Module-1: Secure Login URL Changer =

Replace the default WordPress login URL with your own custom login slug. This helps reduce automated bot attacks targeting wp-login.php and improves overall login security.

= Module-2: Modern Dashboard Sidebar UI =

Enable a modern and cleaner WordPress admin sidebar design that improves readability, spacing, and visual organization for administrators.

= Module-3: File & Environment Hardening Guard = 

Secures production sites from code modifications or unauthorized software deployments by dynamically intercepting user capabilities to disable backend theme/plugin installations, uploads, and direct file editor boxes.

== Installation ==

1. Upload the `wpgreeks-securities` folder to the `/wp-content/plugins/` directory.
2. Activate the plugin through the WordPress Plugins screen.
3. Open **WPGreeks Securities** from the WordPress admin menu.
4. Enable the desired security modules from the Settings Manager.

== Frequently Asked Questions ==

= Does this plugin modify WordPress core files? =

No. WPGreeks Securities never modifies WordPress core files. All functionality is implemented using official WordPress hooks and APIs.

= What happens if I forget my custom login URL? =

You can temporarily deactivate the plugin via FTP or your hosting file manager. WordPress will automatically restore the default login URL.

= Does the plugin affect website performance? =

No. The plugin is designed to be lightweight and loads assets only when required.

= Is the Modern Dashboard UI compatible with other plugins? =

Yes. The UI enhancements use isolated and namespaced CSS to minimize conflicts with other plugins.

= Is data sanitized and validated? =

Yes. All settings use WordPress sanitization, validation, nonce verification, and Settings API best practices.

= Does the Environment Hardening Guard affect manual developer file updates? =

Not at all. The lockdown mechanics purely restrict dashboard-level execution capabilities, such as code additions or web-installer screens. You can still modify files safely over secure SFTP/FTP.

== Screenshots ==

1. Settings Manager dashboard with security feature toggles.
2. Modern Dashboard Sidebar UI enhancement.
3. Secure Login URL configuration panel.

== Changelog ==

= 1.4.0 =
* Evolved backend architecture into a three-part security and workspace layout switchboard framework.
* Added Module 3 (File & Environment Hardening Guard) to protect core files by disabling backend plugin/theme installations, uploads, updates, and direct template editor screens.
* Intercepted system capabilities natively via the user_has_cap hook filter matrix to prevent dashboard-level security breaches and rogue code modifications.

= 1.3.0 =
* Dedicated "Updates" log tab layout page inside the core dashboard manager view.
* Extracted all structural styling from PHP views into an optimized external asset sheet (admin-style.css).
* Cleaned up code layout architecture to follow strict WordPress Codex coding and safety protocols by completely removing all inline attributes.

= 1.2.0 =
* Added "Enable Modern Design UI" management switch (Module 2) to toggle sleek visual styling modifications across the global WordPress administrative sidebar area.
* Set up target conditional asset enqueuing inside the main hook loop to load admin-menu.css across all WordPress backend pages without running unwanted background scripts.

= 1.1.0 =
* Resolved the critical PHP layout variables conflict ($user_login and $error being undefined) during standard theme session terminations.
* Upgraded runtime injection to hook natively on wp_loaded instead of early initialization phases, eliminating site-wide white screens and core routing conflicts.

= 1.0.0 =
* Re-engineered plugin into a Modular Component Framework to isolate and separate custom menu logic rules.
* Created the "WPGreeks Secure Login Slug" tool (Module 1) to block automated malicious scripts by routing wp-login queries to an optimized custom page slug gateway.
* Integrated modern interactive CSS toggle switches into the Settings Manager dashboard for quick module activation.
* Added cryptographic security handshake validations (wp_nonce_field and check_admin_referer) across all input forms.