{"id":244339,"date":"2025-08-28T05:25:52","date_gmt":"2025-08-28T05:25:52","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/ghostgate\/"},"modified":"2026-01-21T00:06:38","modified_gmt":"2026-01-21T00:06:38","slug":"ghostgate","status":"publish","type":"plugin","link":"https:\/\/bal.wordpress.org\/plugins\/ghostgate\/","author":23315770,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.3.3","stable_tag":"1.3.3","tested":"6.9.4","requires":"5.8","requires_php":"7.4","requires_plugins":null,"header_name":"GhostGate","header_author":"\u30b8\u30fc\uff08Code GEE\uff09","header_description":"\u30ed\u30b0\u30a4\u30f3URL\u3092\u96a0\u3057\u3066\u30012FA\u8a8d\u8a3c\u3084DoS\u906e\u65ad\u3082\u53ef\u80fd\u306aWordPress\u5c02\u7528\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u30c4\u30fc\u30eb\u3067\u3059\u3002WordPress Login Hardening Plugin.","assets_banners_color":"0b141d","last_updated":"2026-01-21 00:06:38","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/arce-experience.com\/product\/","header_author_uri":"https:\/\/arce-experience.com\/developer\/","rating":0,"author_block_rating":0,"active_installs":20,"downloads":438,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.1.1":{"tag":"1.1.1","author":"codegee0958","date":"2025-08-28 05:26:29"},"1.2.0":{"tag":"1.2.0","author":"codegee0958","date":"2025-09-18 01:50:14"},"1.2.1":{"tag":"1.2.1","author":"codegee0958","date":"2025-09-18 10:40:23"},"1.3.0":{"tag":"1.3.0","author":"codegee0958","date":"2025-09-22 11:26:40"},"1.3.1":{"tag":"1.3.1","author":"codegee0958","date":"2025-09-22 11:54:38"},"1.3.2":{"tag":"1.3.2","author":"codegee0958","date":"2025-09-24 00:34:06"},"1.3.3":{"tag":"1.3.3","author":"codegee0958","date":"2026-01-21 00:06:38"}},"upgrade_notice":{"1.3.3":"<p>This update includes compatibility verification for WordPress 6.9 and PHP 8.x improvements. Recommended for all users.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3351716,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3351716,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.jpg":{"filename":"banner-1544x500.jpg","revision":3351722,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.jpg":{"filename":"banner-772x250.jpg","revision":3351716,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.1.1","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":3351725,"resolution":"1","location":"assets","locale":""},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":3351725,"resolution":"2","location":"assets","locale":""},"screenshot-3.jpg":{"filename":"screenshot-3.jpg","revision":3351725,"resolution":"3","location":"assets","locale":""},"screenshot-4.jpg":{"filename":"screenshot-4.jpg","revision":3351725,"resolution":"4","location":"assets","locale":""},"screenshot-5.jpg":{"filename":"screenshot-5.jpg","revision":3351725,"resolution":"5","location":"assets","locale":""}},"screenshots":{"1":"Admin settings page with tabbed UI","2":"Security status diagnostics","3":"IP block log and unblock controls","4":"Access code input screen for login URL (e.g., date-based code)","5":"Security explanation tab"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[9374,23853,600,1909,6558],"plugin_category":[54],"plugin_contributors":[246963],"plugin_business_model":[],"class_list":["post-244339","plugin","type-plugin","status-publish","hentry","plugin_tags-limit-login-attempts","plugin_tags-rest-api","plugin_tags-security","plugin_tags-two-factor-authentication","plugin_tags-xml-rpc","plugin_category-security-and-spam-protection","plugin_contributors-codegee0958","plugin_committers-codegee0958"],"banners":{"banner":"https:\/\/ps.w.org\/ghostgate\/assets\/banner-772x250.jpg?rev=3351716","banner_2x":"https:\/\/ps.w.org\/ghostgate\/assets\/banner-1544x500.jpg?rev=3351722","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/ghostgate\/assets\/icon-128x128.png?rev=3351716","icon_2x":"https:\/\/ps.w.org\/ghostgate\/assets\/icon-256x256.png?rev=3351716","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/ghostgate\/assets\/screenshot-1.jpg?rev=3351725","caption":"Admin settings page with tabbed UI"},{"src":"https:\/\/ps.w.org\/ghostgate\/assets\/screenshot-2.jpg?rev=3351725","caption":"Security status diagnostics"},{"src":"https:\/\/ps.w.org\/ghostgate\/assets\/screenshot-3.jpg?rev=3351725","caption":"IP block log and unblock controls"},{"src":"https:\/\/ps.w.org\/ghostgate\/assets\/screenshot-4.jpg?rev=3351725","caption":"Access code input screen for login URL (e.g., date-based code)"},{"src":"https:\/\/ps.w.org\/ghostgate\/assets\/screenshot-5.jpg?rev=3351725","caption":"Security explanation tab"}],"raw_content":"<!--section=description-->\n<p><strong>GhostGate<\/strong> is a lightweight yet powerful WordPress security plugin that eliminates the login page as an attack surface. Instead of just defending, it <strong>erases the entrance<\/strong> entirely with dynamic login URLs and multi-layer access verification.<\/p>\n\n<ul>\n<li>\ud83d\udd12 Hide your login URL with a custom slug and time-based code<\/li>\n<li>\ud83d\udd11 Built-in 2FA via email verification<\/li>\n<li>\ud83d\udeab Auto-block brute force attacks by IP<\/li>\n<li>\ud83e\uddf1 Disable\/limit unused endpoints like XML-RPC and REST API<\/li>\n<li>\ud83d\udc64 Prevent user enumeration via REST, RSS, and author queries<\/li>\n<li>\ud83d\udd0d Visualize security status and detect conflicts<\/li>\n<li>\ud83d\udcdc Activity logs with optional file rotation<\/li>\n<\/ul>\n\n<p>GhostGate doesn\u2019t just defend \u2014 it disappears.<br \/>\nInvisible to bots. Intuitive for users.<\/p>\n\n<p>\ud83d\udc49 <strong>Full features \/ screenshots \/ pricing \/ docs<\/strong>:<br \/>\nhttps:\/\/arce-experience.com\/product\/<\/p>\n\n<h3>Privacy<\/h3>\n\n<p>GhostGate can store the following data locally on your site to provide rate-limiting and security auditing:\n- IP addresses (for temporary throttling \/ block lists)\n- Timestamps and event metadata (login attempts, REST\/XML-RPC hits)\n- Optional log files under <code>wp-content\/uploads\/ghostgate\/logs<\/code> (if enabled)<\/p>\n\n<p>No data is sent to third-party services.<br \/>\nSite owners are responsible for informing users\/visitors where required by local laws. You can clear blocks\/logs from the admin UI or by deleting the log files.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin folder to <code>\/wp-content\/plugins\/ghostgate<\/code><\/li>\n<li>Activate the plugin via the Plugins menu<\/li>\n<li>Go to <strong>GhostGate &gt; Settings<\/strong> and configure your gate logic<\/li>\n<li>Optionally enable 2FA, IP blocking, REST\/API controls, and more<\/li>\n<\/ol>\n\n<p>Need help with setup?<br \/>\nSee the installation &amp; setup video:<br \/>\nhttps:\/\/arce-experience.com\/product\/<\/p>\n\n<!--section=faq-->\n<dl>\n<dt id=\"is%20ghostgate%20compatible%20with%20other%20security%20plugins%3F\"><h3>Is GhostGate compatible with other security plugins?<\/h3><\/dt>\n<dd><p>Yes. It detects common conflicts and shows visual warnings. You can use it alongside plugins like Wordfence or iThemes.<\/p><\/dd>\n<dt id=\"what%20happens%20if%20i%20forget%20my%20login%20code%20or%20get%20locked%20out%3F\"><h3>What happens if I forget my login code or get locked out?<\/h3><\/dt>\n<dd><p>You can always access your site via recovery mode or disable the plugin via FTP if needed.<\/p><\/dd>\n<dt id=\"does%20it%20affect%20performance%3F\"><h3>Does it affect performance?<\/h3><\/dt>\n<dd><p>GhostGate is built for speed. It only runs at login and admin hooks, keeping overhead minimal.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.3.3 - 2026-01-21<\/h4>\n\n<ul>\n<li>Compatibility: Verified support for WordPress 6.9.<\/li>\n<li>Fix: Enhanced PHP 8.x compatibility (stricter type casting in internal key generation).<\/li>\n<li>Fix: Improved login slug detection to strictly handle trailing slashes, preventing 404 errors in some server configurations.<\/li>\n<\/ul>\n\n<h4>1.3.2 - 2025-09-24<\/h4>\n\n<ul>\n<li>Fix \u2013 Resolved \u201cUndefined variable $user_login \/ $errors\u201d warnings on the login screen.<\/li>\n<li>Fix \u2013 Prevented potential \u201cheaders already sent\u201d issues.<\/li>\n<li>Improvement \u2013 Hardened login flow compatibility with core.<\/li>\n<li>Improvement \u2013 Minor internal refactors around request path normalization.<\/li>\n<\/ul>\n\n<h4>1.3.0 - 2025-09-22<\/h4>\n\n<ul>\n<li>Security: Strengthened \u201cHide wp-json structure\u201d.<\/li>\n<li>Fix: Route allowlist UI now correctly preserves selections for regex endpoints.<\/li>\n<li>Fix: Resolved rare fatal error on \u201cUnblock IP\u201d admin action.<\/li>\n<li>Tested: Confirmed compatibility with WordPress 6.8.<\/li>\n<\/ul>\n\n<h4>1.2.1<\/h4>\n\n<ul>\n<li>Tweak: Added brand header (logo + subtitle) to the code entry screen.<\/li>\n<li>Tweak: Minor CSS polish.<\/li>\n<\/ul>\n\n<h4>1.2.0<\/h4>\n\n<ul>\n<li>New: Added an option to block direct access to preview URLs.<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Maintenance and compliance improvements.<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>REST\/JSON structure stealth options.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial public release.<\/li>\n<\/ul>","raw_excerpt":"Invisible, intelligent protection for WordPress. GhostGate hides your login page, blocks bots, and turns your site into a ghost fortress.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/244339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=244339"}],"author":[{"embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/codegee0958"}],"wp:attachment":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=244339"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=244339"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=244339"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=244339"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=244339"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=244339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}