WP Login & Access Manager

WP Login & Access Manager is a WordPress plugin that allows administrators to customize the login page and restrict login access based on user roles.

---

Why this plugin exists

This plugin was built to demonstrate secure WordPress authentication handling, role-based access control, and admin settings management following WordPress coding standards and best practices.

Features

• Custom message on the WordPress login page
• Restrict login access based on user roles
• Admin settings page to configure blocked roles
• Uses WordPress authentication hooks and Settings API
• Lightweight and theme-independent

---

How It Works

• Hooks into WordPress login using the authenticate filter
• Blocks selected roles from logging in
• Displays a clear error message on the login screen
• Admins manage settings under Settings → Login Access Manager

---

️ Installation

1. Clone or download this repository
2. Upload the wp-login-access-manager folder to /wp-content/plugins/
3. Activate the plugin from the WordPress dashboard
4. Configure roles under Settings → Login Access Manager

---

Plugin Structure

wp-login-access-manager/ ├── wp-login-access-manager.php ├── readme.md └── includes/ ├── login-customizer.php ├── role-restrictions.php └── admin-settings.php

---

️ Security

• Capability checks for admin access
• Sanitized option values
• Safe authentication blocking using WP_Error
• Proper escaping for output

---

Author

Aditya Kumar Singh
GitHub: https://github.com/AdityaS62