WP Login Door
Adds a secret URL key to access the login page and lets you disable XML-RPC, protecting against bruteforce attacks.
5(6 reviews)
·400 active installs·Updated 9 months agoAs of April 2026, WP Login Door is a WordPress hide plugin with 400 active installations and a 5/5 rating from 6 reviews. It has been downloaded 4.5K+ times in total. Requires WordPress 4.0.0+ and PHP false+. Available on WordPress.org since 2016. Top alternative: Email Encoder – Protect Email Addresses….
5/56 reviews
400active installs
4.5K+total downloads
10 yearssince 2016
Overview
Did you ever feel like your website or blog login page is ridiculously fragile and reachable, and could be easily broken in by an intruder?
Personally I hate to think of hundreds of people playing with my door lock hundreds of times a day. It’s the same with my blog login page.
On WordPress, there are two main potential vectors of bruteforce intrusion:
* http://my-site.com/wp-login.php, which is the login page
* http://my-site.com/xmlrpc.php, which is an API gateway for interacting with third party applications.
This plugin adds one security layer in front of your login page, and by the way you can also disable XML-RPC with a simple checkbox if you don’t need it (XML-RPC is a WIDELY used vector of attacks).
The idea is simple: you choose a pair of words, and when you want to…
Ratings & Reviews
56 reviews
5 ★
6
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Compatibility
| WordPress | 4.0.0+ requiredTested up to 6.8.5 |
| PHP | false+ required |
Top Alternatives to WP Login Door
Frequently Asked Questions
Changelog
1.5
- Let go the ‘postpass’ standard action (used when user types a password to open a protected post)
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.