Shifts the WordPress login URL to a path you control and adds a few admin-side utilities for hardening the login flow.
0.6126 (format: x.Yddd)
x= release class (0= pre-release,1= full release).Y= last digit of the current year.ddd= Julian day number.- Example for May 3, 2026: year digit
6+ day123=>0.6123.
This README is for developers working on the plugin: repo layout, contribution flow, security advisories. End-user docs (features, settings, FAQ, changelog) live in readme.txt so the WordPress.org listing stays in sync.
| Advisory | Severity | Affected | Fixed in |
|---|---|---|---|
GHSA-p369-rjwx-f44g |
High | ≤ 0.6112 | 0.6123 |
If you find a vulnerability, follow the disclosure process in SECURITY.md. Don't open a public issue.
thisismyurl-login-support.php # plugin bootstrap, main class
core/class-timu-core.php # shared admin framework
core/class-timu-cli.php # WP-CLI commands (loaded only under WP_CLI)
core/assets/shared-admin.{js,css}
assets/ # plugin icon + banner for .org
uninstall.php # removes options/transients/cron on uninstall
readme.txt # WP.org plugin directory readme (end-user docs)
SECURITY.md # disclosure process + threat model
CHANGELOG.md # version history
composer install
composer run lint:phpcs # WordPress Coding Standards
composer run lint:phpstan # static analysis
php -l thisismyurl-login-support.php # quick syntax checkCI runs the PHP lint matrix and PHPCS on every PR. If those go red, the PR doesn't merge.
GPL-2.0-or-later
I write these plugins because I keep running into the same WordPress problems on real client sites, and a small focused plugin is usually the right shape of fix. No tracking, no ads, no paywall.
If one of these saves you a headache, here's what actually helps:
- Sponsor if you can: GitHub Sponsors. Optional, never expected.
- Send a PR or a bug report: an issue with reproduction steps is worth more to me than a five-star review. Edge-case testing is gold.
- Follow the work: WordPress.org, GitHub, LinkedIn. Helps the next person find it.
- File an issue: the Issues tab. Include WordPress version, PHP version, and steps to reproduce.
- Start a discussion: the Discussions tab for questions, ideas, or anything that isn't a clear bug.
PRs are welcome. The flow:
- Fork and clone locally.
- Branch with a descriptive name (e.g.,
feature/improve-safety-check). - Make the change. Test it on the edge cases that bit you.
- Run
composer run lint:phpcsbefore opening the PR. - Open the PR with a clear note on what changed and why.
I read every PR. Well-tested ones merge faster.
This plugin comes out of the work I do at This Is My URL, helping WordPress teams keep their sites secure, fast, and maintainable.
I'm Christopher Ross. I've been on the open web since 1996 and on WordPress since 2007. This Is My URL is my WordPress development and technical SEO practice, based in Fort Erie, Ontario.
- 30 years on the open web (since 1996), 19 of those on WordPress (since 2007)
- WordPress contributor since 2007 with plugins on .org and code shipped to media, education, and government deployments
- Technical SEO focused on performance, security, and search visibility on real sites
- Training specialist at M.L. Campbell, building learning systems that ship
I prefer plain solutions that work. No hype, no extra moving parts.
- WordPress.org profile: profiles.wordpress.org/thisismyurl
- GitHub: github.com/thisismyurl
- Website: thisismyurl.com
- LinkedIn: linkedin.com/in/thisismyurl
- Christopher Ross (@thisismyurl) — author and maintainer
- Contributors: everyone who's filed an issue, tested an edge case, or sent a PR. Thank you.
GPL-2.0-or-later — see LICENSE or gnu.org/licenses/gpl-2.0.html.
This project follows the 10 Core Pillars. Support quality work here.