A minimal wordpress plugin to help you hide your login url.
To correctly access wp-login.php, you need to provide a correct pair of parameters. The default parameters are wp-login.php?lock=some_string. You can either modify the key and value before uploading the plugin, or edit them in the wp-admin page.
forbid_login_with_lock will check every unlogin visiting to wp-login.php and try to add session for correct parameters or redirect visitor to home page.
my_authenticate is just an additional protect to avoid login without correct session set.
Note: Please make sure you have some way to disable this plugin without new login before activate it, you may accidently lock your self out from admin page if something went wrong.
Just replace following two values in locklogin.php to whatever you like:
const LC_TOKEON_NAME = "lock";
const LC_TOKEON_VALUE = "some_string";
// wp-login.php?lock=some_stringAfter plugin activate, you can only visit wp-login.php with the replaced parameters.