FAIR

Federated and Independent Repositories

ALD Login Page

Plugin Banner

ALD Login Page

by hossainawlad

Download
Description

ALD Login Page lets you fully customize the WordPress login page — logo, colors, dimensions, and padding — through a clean admin settings panel. Built on WordPress core APIs, the plugin follows WordPress security best practices from top to bottom so you can customize your login page with confidence.

Why security matters for a login page plugin

The WordPress login screen is the most exposed entry point to your admin area. A poorly coded login plugin can become an attack vector. ALD Login Page is designed to avoid the most common pitfalls:

  • Settings API + Sanitization callbacks — all saved values pass through WordPress core sanitizers (`sanitize_text_field`, `sanitize_hex_color`, `esc_url_raw`) before they ever touch the database.
  • Output escaping everywhere — `esc_url()`, `esc_attr()`, and `esc_html()` are used on every dynamic value that reaches the browser, eliminating XSS vectors.
  • Capability gate on admin page — only users with `manage_options` can access settings. Unauthorized users are blocked before any output is rendered.
  • Direct-access gate — `defined( ‘ABSPATH’ ) or die` on every PHP file prevents direct URL access to plugin files.
  • Nonce + CSRF handled automatically — the WordPress Settings API inserts and validates security nonces on every settings save.
  • No raw SQL — the plugin never calls `$wpdb->query()` or similar directly.
  • No shell commands — no `eval()`, `exec()`, or `shell_exec()` anywhere.
  • Superglobal sanitization — all user-supplied query parameters are passed through `sanitize_key()` with strict comparison before being evaluated.

The result: a lightweight login customizer with a clean security posture. If you are reviewing this plugin for code quality, you will find no raw echo $_GET, no unescaped output, and no capability bypasses. We take security seriously and keep this plugin up to date with the latest WordPress core versions.

ALD Login Page Needs Your Support

It is hard to continue development and support for this free plugin without contributions from users like you. If you enjoy using ALD Login Page and find it useful, please consider use these support channels appropriately. Your support will help encourage and support the plugin’s continued development and better user support.

  1. Upload the entire ald-login-page folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.

You will find ‘ALD Login Page’ menu in your WordPress admin panel Setting.

  1. screenshot-1.png

    screenshot-1.png

  2. screenshot-2.png

    screenshot-2.png

  3. screenshot-3.png

    screenshot-3.png

  4. screenshot-4.png

    screenshot-4.png

  5. screenshot-5.png

    screenshot-5.png

Do you have questions or issues with ALD Login Page? Use these support channels appropriately.

  1. Support Forum

Need more to update

By hossainawlad on May 1, 2018

Need more to update. Like- css customization, logo setting, visual editor, etc.

1.3.1

  • Hardened activate flag check with sanitize_key() + strict comparison to prevent type-juggling bypasses.
  • Replaced deprecated ‘login_headertitle’ filter with ‘login_headertext’ (deprecated since WP 5.2.0).
  • Fixed WordPress 6.7+ textdomain loading notice by hooking load_plugin_textdomain() to after_setup_theme.
  • Removed UTF-8 BOM from plugin file to prevent ‘unexpected output’ activation warning.

1.3

  • Refactored admin page to use WordPress Settings API for standard styling.
  • Added options for Logo Width, Height, and Padding.
  • Fixed color picker script dependency issue.

1.2

  • Improved admin page UI with sections, descriptions, and better media uploader integration.

1.1

  • Dynamically define plugin version.
  • Security improvements

1.0

  • Initial Release.
Back to top