Features

• Enabling/disabling the password protection to wp-login.php, WordPress admin pages. Note that you’ll be asked to re-type the .htaccess username/password you created before enabling any of the settings – to ensure that you wouldn’t enable the password protection without even knowing the password yourself! Modifying the existing users: you can change any .htaccess user’s password and remove the users. Note that you have to add at least one user to enable the lock.
• Add unlimited .htaccess users;
• Protect your whole site, making it accessible to only those who have the .htaccess user.
• Whenever the plugin makes a change to the .htaccess file, it stores the previous version in another file -- so, in case there is ever a problem, there's always a backup you can revert to!
• You can view and review the entire .htaccess file (so you don't need to login via SSH or SFTP to review it)
• You can turn off directory browsing
• You can prevent a classic hack in which the square bracket is used to break the URI.
• You can protect the wp-config.php so it can't be edited
• You can disable PHP file uploads into the uploads directory
• You can disable the hotlinking of images, for people trying to steal bandwidth from you.

Requirements

• PHP7