Protect WordPress Logins, Accounts, Sessions, and Frontend Security Flows.
Guard Dog 1.9.42 is a comprehensive WordPress security plugin for custom login URLs, two-factor authentication, passkeys, social login, CAPTCHA protection, session management, frontend account-security tools, and detailed activity logging. It brings serious login and account protection to WordPress without a premium tier or subscription trap.
Current release: 1.9.42. Need setup details or technical documentation?
Core Features That Stand Guard
Guard Dog protects your WordPress login, admin, and account surfaces with a broad toolkit that can be enabled piece by piece.
| Feature | What It Does for You |
| Custom Login URL | Hide the default /wp-admin and /wp-login.php entry points behind your own login slug to reduce automated bot traffic and brute-force attempts. |
| WordPress Login Screen Customization | Brand the native login screen with custom logo, colors, layout, links, and messaging while keeping the normal WordPress login flow intact. |
| Frontend Login Form | Use the Guard Dog Login Form block or shortcode on normal pages, with support for CAPTCHA, passkeys, social login buttons, remember-me, lost-password links, and redirects. |
| Frontend Account Security | Give logged-in users self-service controls for 2FA, passkeys, and active sessions through blocks or shortcodes designed for account dashboards and block themes. |
| Two-Factor Authentication (2FA) | Require app-based or email-based 2FA with recovery codes, enforcement options, and frontend setup controls that only show enabled methods. |
| Passkeys | Support passwordless authentication with device-based credentials such as Face ID, Touch ID, Windows Hello, and security keys. |
| Social Login | Let users sign in with Google, Microsoft, or Apple OAuth, with account linking, optional auto-creation, provider controls, and activity logging. |
| Multiple CAPTCHA Providers | Choose Google reCAPTCHA v2 or v3, hCaptcha, or Cloudflare Turnstile to match your site's privacy and friction preferences. |
| Login Attempt Limiting | Lock out repeated failed login attempts with configurable retry limits and durations before brute-force attacks get comfortable. |
| Access Control + Trusted Proxies | Use IP, username, country, whitelist, and blacklist controls with proxy-aware visitor IP detection and trusted proxy CIDR ranges for CDN or load-balanced sites. |
| Session Management | Track active sessions, enforce session limits, set timeouts, remotely terminate sessions, and detect suspicious IP or location shifts. |
| User Enumeration Protection | Block common username discovery vectors across author archives, REST API requests, login errors, password reset flows, XML-RPC, registration, and more. |
| Temporary User Access | Create real WordPress users with secure, time-limited access links, login limits, role controls, and automatic cleanup. |
| Email Provider Control | Send 2FA and WordPress emails through providers such as Amazon SES, Mailgun, Resend, SendGrid, or Google Workspace/Gmail. |
| Password Policy + Email Verification | Set password strength requirements, block password reuse, and require users to verify email addresses before login when your site needs tighter account hygiene. |
| Activity Monitoring | Log security events across logins, lockouts, 2FA, CAPTCHA, sessions, social login, user changes, content changes, settings, plugins, themes, and more. |
What Changed in Guard Dog 1.9.42?
Version 1.9.42 tightens the newer frontend account-security surface by making session management blocks and shortcodes safe to use more than once on the same page.
That matters for block themes, member dashboards, and custom account pages where you may combine the full account-security widget with a standalone sessions surface.
The recent 1.9.x line also added login screen customization, frontend login/account-security blocks and shortcodes, Apple/Google/Microsoft social login hardening, trusted proxy IP handling, passkeys, session management, password policy controls, email verification, and user enumeration protection.
Who Can Benefit from Guard Dog?
Guard Dog is built for WordPress site owners who want practical account security without turning every login into a science project.
- Bloggers & Writers: Keep your personal site protected from login spam, username scraping, and brute-force noise without paying for a security suite.
- Small Business Owners: Protect customer, staff, and admin accounts with stronger login controls, session visibility, and reliable security emails.
- Membership & Community Sites: Give users frontend account-security tools for 2FA, passkeys, and session management without sending everyone into wp-admin.
- Developers & Agencies: Install a flexible security foundation on client sites, including blocks and shortcodes that fit custom login and account pages.
- Sites Behind CDNs or Proxies: Use trusted proxy settings so IP-based security features understand the real visitor IP instead of yelling about your infrastructure.
The Guard Dog Promise: 100% Free, Forever
You should not have to pay a subscription just to protect the front door of your WordPress site.
Guard Dog has no pro version, no premium upsells, and no sneaky feature limits.
Download Guard Dog today and secure your WordPress login, account, and session flows with a plugin built to stay useful without holding the important stuff hostage.