Thanks for you fast reply.
I believe printing a few kB of css + js to the head part of the plugin admin page wouldn’t hurt in terms of speed (might also improve it) and would also make it working safely for many more plugins like this.
The wp hide also changes the login page url but also many more wp footprints (but for free). The goal is not to beat a good hacker (wouldn’t try that with wp anyways :)) ) but a whole bunch of automatic bots that are designed to figure out if a website is built on wp or not.
If these bots find out you have it then a massive attack might start with ip rotations and stuff. Cloudflare Zero Trust might be working for that, I will try. Thanks for the great call!
The thing is: if these bots don’t even recognize a wp blog than you less likely get an attack. 😉 So this is just another layer of safety.
