GhostGate
| 开发者 | codegee0958 |
|---|---|
| 更新时间 | 2025年8月28日 13:42 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 6.8 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
GhostGate is a lightweight yet powerful WordPress security plugin that eliminates the login page as an attack surface. Instead of just defending, it erases the entrance entirely with dynamic login URLs and multi-layer access verification.
- 🔒 Hide your login URL with a custom slug and time-based code
- 🔑 Built-in 2FA via email verification
- 🚫 Auto-block brute force attacks by IP
- 🧱 Disable/limit unused endpoints like XML-RPC and REST API
- 👤 Prevent user enumeration via REST, RSS, and author queries
- 🔍 Visualize security status and detect conflicts
- 📜 Activity logs with optional file rotation
安装:
- Upload the plugin folder to
/wp-content/plugins/ghostgate - Activate the plugin via the Plugins menu
- Go to GhostGate > Settings and configure your gate logic
- Optionally enable 2FA, IP blocking, REST/API controls, and more
屏幕截图:
常见问题:
Is GhostGate compatible with other security plugins?
Yes. It detects common conflicts and shows visual warnings. You can use it alongside plugins like Wordfence or iThemes.
What happens if I forget my login code or get locked out?
You can always access your site via recovery mode or disable the plugin via FTP if needed.
Does it affect performance?
GhostGate is built for speed. It only runs at login and admin hooks, keeping overhead minimal.
更新日志:
1.1.1
- Maintenance and compliance improvements (enqueue scripts/styles; minor fixes)
- UI/diagnostics polish
- Tested up to WordPress 6.8
- REST/JSON structure stealth options (allowlist & prefix-based allow)
- Improved status diagnostics and defaults for rate limits
- Initial public release
- Dynamic login URL gate, 2FA email code
- IP restriction + logs, REST API and XML-RPC shielding
- Status analyzer and conflict detector ➡ Full changelog (latest): https://arce-experience.com/changelog/#ghostgate