GhostGate
GhostGate is a lightweight yet powerful WordPress security plugin that eliminates the login page as an attack surface. Instead of just defending, it erases the entrance entirely with dynamic login URLs and multi-layer access verification.
- π Hide your login URL with a custom slug and time-based code
- π Built-in 2FA via email verification
- π« Auto-block brute force attacks by IP
- 𧱠Disable/limit unused endpoints like XML-RPC and REST API
- π€ Prevent user enumeration via REST, RSS, and author queries
- π Visualize security status and detect conflicts
- π Activity logs with optional file rotation
GhostGate doesnβt just defend β it disappears.
Invisible to bots. Intuitive for users.
π Full features / screenshots / pricing / docs:
https://arce-experience.com/product/
Privacy
GhostGate can store the following data locally on your site to provide rate-limiting and security auditing:
β IP addresses (for temporary throttling / block lists)
β Timestamps and event metadata (login attempts, REST/XML-RPC hits)
β Optional log files under wp-content/uploads/ghostgate/logs (if enabled)
No data is sent to third-party services.
Site owners are responsible for informing users/visitors where required by local laws. You can clear blocks/logs from the admin UI or by deleting the log files.
Details
Related plugins
Plugins that also contain the tag limit-login-attempts
Titan Anti-spam & Security
Limit Attempts by BestWebSoft β WordPress Anti-Bot and Security Plugin for Login and Forms
Melapress Login Security
Jeba Limit Login Attempts
Secure Admin Access
Orbisius Limit Logins
About
Plugin for that tries to help you find the WordPress plugin you are looking for.
| Please enjoy an image of Crush (this awesome turtle) and have a lovely day! |  |
We do not own any plugin listed on this site and do not work for or work with WordPress.com or it's associated companies. We simply provide a searchable list of the available WordPress plugins.