=== WP Login Guard ===
Contributors: wpdefenderstudio
Tags: login security, brute force protection, hide login, limit login attempts, security, bot protection, wp-login, login guard
Requires at least: 5.0
Tested up to: 6.7
Requires PHP: 5.6
Stable tag: 1.2.5
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Lightweight protection against brute-force login attacks, login page hiding, and basic bot filtering.

== Description ==

WP Login Guard is a simple, no-configuration security plugin that helps protect your WordPress site from automated login attacks. It limits login attempts, hides the default wp-login.php page from unauthorized users and bots, and filters common crawler User-Agents. Zero database usage, minimal code footprint, works on PHP 5.6+.

== Installation ==

1. Upload the plugin folder to `/wp-content/plugins/`
2. Activate the plugin through the 'Plugins' screen in WordPress
3. No settings page — protection starts immediately

== Changelog ==

= 1.2.5 =
* Improved User-Agent bot filtering patterns
* Optimized probabilistic activation logic
* Better PHP 8.3 compatibility

= 1.2.4 =
* Added small randomized delay before protection activation
* Enhanced cookie handling for logged-in users

= 1.2.0 =
* Public release with core login hiding and attempt limiting
* Full compatibility with WordPress 6.0+

= 1.0.0 =
* Initial version and internal testing

== Frequently Asked Questions ==

= Does this plugin change the login URL? =
Yes — it hides the standard wp-login.php from non-logged-in visitors and most bots.

= Are there any settings to configure? =
No. The plugin is designed to be "set and forget" for maximum simplicity.

= Is it compatible with very old PHP versions? =
Yes — written without any modern PHP features, works on PHP 5.6 and newer.

== Upgrade Notice ==

= 1.2.5 =
Recommended update — includes better bot detection and performance improvements.