Title: GhostGate
Author: codegee0958
Published: <strong>August 28, 2025</strong>
Last modified: January 21, 2026

---

Search plugins

![](https://ps.w.org/ghostgate/assets/banner-772x250.jpg?rev=3351716)

![](https://ps.w.org/ghostgate/assets/icon-256x256.png?rev=3351716)

# GhostGate

 By [codegee0958](https://profiles.wordpress.org/codegee0958/)

[Download](https://downloads.wordpress.org/plugin/ghostgate.1.3.3.zip)

 * [Details](https://test.wordpress.org/plugins/ghostgate/#description)
 * [Reviews](https://test.wordpress.org/plugins/ghostgate/#reviews)
 *  [Installation](https://test.wordpress.org/plugins/ghostgate/#installation)
 * [Development](https://test.wordpress.org/plugins/ghostgate/#developers)

 [Support](https://wordpress.org/support/plugin/ghostgate/)

## Description

**GhostGate** is a lightweight yet powerful WordPress security plugin that eliminates
the login page as an attack surface. Instead of just defending, it **erases the 
entrance** entirely with dynamic login URLs and multi-layer access verification.

 * 🔒 Hide your login URL with a custom slug and time-based code
 * 🔑 Built-in 2FA via email verification
 * 🚫 Auto-block brute force attacks by IP
 * 🧱 Disable/limit unused endpoints like XML-RPC and REST API
 * 👤 Prevent user enumeration via REST, RSS, and author queries
 * 🔍 Visualize security status and detect conflicts
 * 📜 Activity logs with optional file rotation

GhostGate doesn’t just defend — it disappears.
 Invisible to bots. Intuitive for
users.

👉 **Full features / screenshots / pricing / docs**:
 https://arce-experience.com/
product/

### Privacy

GhostGate can store the following data locally on your site to provide rate-limiting
and security auditing:
 – IP addresses (for temporary throttling / block lists) –
Timestamps and event metadata (login attempts, REST/XML-RPC hits) – Optional log
files under `wp-content/uploads/ghostgate/logs` (if enabled)

No data is sent to third-party services.
 Site owners are responsible for informing
users/visitors where required by local laws. You can clear blocks/logs from the 
admin UI or by deleting the log files.

## Screenshots

 * [[
 * Admin settings page with tabbed UI
 * [[
 * Security status diagnostics
 * [[
 * IP block log and unblock controls
 * [[
 * Access code input screen for login URL (e.g., date-based code)
 * [[
 * Security explanation tab

## Installation

 1. Upload the plugin folder to `/wp-content/plugins/ghostgate`
 2. Activate the plugin via the Plugins menu
 3. Go to **GhostGate > Settings** and configure your gate logic
 4. Optionally enable 2FA, IP blocking, REST/API controls, and more

Need help with setup?
 See the installation & setup video: https://arce-experience.
com/product/

## FAQ

### Is GhostGate compatible with other security plugins?

Yes. It detects common conflicts and shows visual warnings. You can use it alongside
plugins like Wordfence or iThemes.

### What happens if I forget my login code or get locked out?

You can always access your site via recovery mode or disable the plugin via FTP 
if needed.

### Does it affect performance?

GhostGate is built for speed. It only runs at login and admin hooks, keeping overhead
minimal.

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“GhostGate” is open source software. The following people have contributed to this
plugin.

Contributors

 *   [ codegee0958 ](https://profiles.wordpress.org/codegee0958/)

[Translate “GhostGate” into your language.](https://translate.wordpress.org/projects/wp-plugins/ghostgate)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/ghostgate/), check 
out the [SVN repository](https://plugins.svn.wordpress.org/ghostgate/), or subscribe
to the [development log](https://plugins.trac.wordpress.org/log/ghostgate/) by [RSS](https://plugins.trac.wordpress.org/log/ghostgate/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.3.3 – 2026-01-21

 * Compatibility: Verified support for WordPress 6.9.
 * Fix: Enhanced PHP 8.x compatibility (stricter type casting in internal key generation).
 * Fix: Improved login slug detection to strictly handle trailing slashes, preventing
   404 errors in some server configurations.

#### 1.3.2 – 2025-09-24

 * Fix – Resolved “Undefined variable $user_login / $errors” warnings on the login
   screen.
 * Fix – Prevented potential “headers already sent” issues.
 * Improvement – Hardened login flow compatibility with core.
 * Improvement – Minor internal refactors around request path normalization.

#### 1.3.0 – 2025-09-22

 * Security: Strengthened “Hide wp-json structure”.
 * Fix: Route allowlist UI now correctly preserves selections for regex endpoints.
 * Fix: Resolved rare fatal error on “Unblock IP” admin action.
 * Tested: Confirmed compatibility with WordPress 6.8.

#### 1.2.1

 * Tweak: Added brand header (logo + subtitle) to the code entry screen.
 * Tweak: Minor CSS polish.

#### 1.2.0

 * New: Added an option to block direct access to preview URLs.

#### 1.1.1

 * Maintenance and compliance improvements.

#### 1.1.0

 * REST/JSON structure stealth options.

#### 1.0.0

 * Initial public release.

## Meta

 *  Version **1.3.3**
 *  Last updated **2 months ago**
 *  Active installations **20+**
 *  WordPress version ** 5.8 or higher **
 *  Tested up to **6.9.4**
 *  PHP version ** 7.4 or higher **
 *  Language
 * [English (US)](https://wordpress.org/plugins/ghostgate/)
 * Tags
 * [limit login attempts](https://test.wordpress.org/plugins/tags/limit-login-attempts/)
   [rest-api](https://test.wordpress.org/plugins/tags/rest-api/)[security](https://test.wordpress.org/plugins/tags/security/)
   [two factor authentication](https://test.wordpress.org/plugins/tags/two-factor-authentication/)
   [xml-rpc](https://test.wordpress.org/plugins/tags/xml-rpc/)
 *  [Advanced View](https://test.wordpress.org/plugins/ghostgate/advanced/)

## Ratings

No reviews have been submitted yet.

[Add my review](https://wordpress.org/support/plugin/ghostgate/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/ghostgate/reviews/)

## Contributors

 *   [ codegee0958 ](https://profiles.wordpress.org/codegee0958/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/ghostgate/)