SAURABH SINGH

PROJECTS

ShieldLock: WordPress Security Hardening Plugin

Auto-Scanning + Password Policies + Admin Security Dashboard

Overview

ShieldLock is a WordPress security plugin that automates site hardening and monitoring. It scans for outdated plugins and themes, enforces strong password policies, disables vulnerable endpoints, tracks failed login attempts, and provides a real-time security overview through a custom admin dashboard widget.

Technical Features

Automated Security Scanning

Detects outdated plugins and themes and generates notifications for updates.
Monitors and logs security-relevant changes in the WordPress environment.

Access & Authentication Hardening

Enforces strong password rules for users and administrators.
Disables XML-RPC to prevent remote attacks and brute-force vulnerabilities.
Tracks failed login attempts with configurable thresholds and lockouts.

Admin Dashboard Integration

Custom security dashboard widget displaying real-time status and alerts.
Summarizes critical security issues, including outdated components, failed logins, and policy violations.
Interactive interface allows admins to quickly remediate issues from the dashboard.

Plugin Architecture & Security

Modular PHP code with separation of scanning, policy enforcement, logging, and admin UI.
Uses nonces, capability checks, and input sanitization for all admin interactions.
Performance-optimized, leveraging hooks to minimize impact on front-end load.

Tech Stack

Refer to README.md for build instructions and deployment steps.