Title: Gatorio
Author: sichtelement
Published: <strong>2026 年 4 月 10 日</strong>
Last modified: 2026 年 6 月 14 日

---

搜索插件

![](https://ps.w.org/gatorio/assets/banner-772x250.png?rev=3503310)

![](https://ps.w.org/gatorio/assets/icon-256x256.png?rev=3503310)

# Gatorio

 作者：[sichtelement](https://profiles.wordpress.org/sichtelement/)

[下载](https://downloads.wordpress.org/plugin/gatorio.1.2.1.zip)

 * [详情](https://cn.wordpress.org/plugins/gatorio/#description)
 * [评价](https://cn.wordpress.org/plugins/gatorio/#reviews)
 *  [安装](https://cn.wordpress.org/plugins/gatorio/#installation)
 * [开发进展](https://cn.wordpress.org/plugins/gatorio/#developers)

 [支持](https://wordpress.org/support/plugin/gatorio/)

## 描述

Gatorio is a minimal WordPress security plugin that protects login endpoints against
brute-force attacks.

The plugin follows a strict privacy-first and KISS (keep it simple) philosophy.

No dashboards.
 No tracking. No unnecessary complexity.

Just effective login protection.

Unlike many plugins, Gatorio blocks login attempts before authentication begins.

This prevents bypasses caused by plugins that override the default WordPress login
flow.

### Features

 * Brute-force protection
 * Login attempt limiter
 * Temporary lockout
 * Pre-authentication request blocking (init hook)
 * Works with WordPress, WooCommerce and custom login forms
 * Login delay (bot mitigation)
 * Generic login errors (no information leakage)
 * XML-RPC protection
 * Username enumeration protection (REST API)
 * IP hashing (privacy-friendly, no raw IP storage)

## 安装

 1. Upload the plugin folder to `/wp-content/plugins/`
 2. Activate the plugin
 3. Protection starts automatically

## 常见问题

### Does the plugin store IP addresses?

No. Gatorio hashes IP addresses using SHA-256 and does not store raw IPs.

### Does it require configuration?

No. The plugin works automatically without setup.

### Does it work with WooCommerce or custom login forms?

Yes. Gatorio blocks login attempts at request level, independent of the authentication
system.

### Does it slow down the login?

A minimal delay is applied to slow down automated attacks.

Source code: https://codeberg.org/Sichtelement/gatorio

## 评价

此插件暂无评价。

## 贡献者及开发者

「Gatorio」是开源软件。 以下人员对此插件做出了贡献。

贡献者

 *   [ sichtelement ](https://profiles.wordpress.org/sichtelement/)

[帮助将「Gatorio」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/gatorio)

### 对开发感兴趣吗?

您可以[浏览代码](https://plugins.trac.wordpress.org/browser/gatorio/)，查看[SVN仓库](https://plugins.svn.wordpress.org/gatorio/)，
或通过[RSS](https://plugins.trac.wordpress.org/log/gatorio/?limit=100&mode=stop_on_copy&format=rss)
订阅[开发日志](https://plugins.trac.wordpress.org/log/gatorio/)。

## 更新日志

#### 1.2.1

 * Improved XML-RPC protection with hard 403 response handling
 * Removed unused legacy XML-RPC fallback code
 * Improved lockout response handling consistency
 * Minor code cleanup and internal hardening

#### 1.2

 * Added universal pre-authentication request blocking
 * Improved compatibility with WordPress, WooCommerce and custom login forms
 * Fixed brute-force bypass caused by plugin-based authentication flows
 * Added request-level login interception before authentication begins
 * Added complete XML-RPC protection with hard 403 response blocking
 * Removed remaining XML-RPC method exposure
 * Improved login flow reliability across different authentication systems
 * Added translators comments for localization placeholders
 * Fixed WordPress Plugin Check compatibility warnings
 * Improved internal security and code consistency
 * Tested with WordPress 7.0

#### 1.1

 * Added translators comment for localized strings with placeholders
 * Fixed WordPress Plugin Check error (MissingTranslatorsComment)
 * Added proper handling for nonce verification warnings (via phpcs ignore)
 * Improved compatibility with WordPress and external login flows
 * Minor security and code consistency improvements

#### 1.0.6

 * Added pre-authentication request blocking via init hook
 * Implemented universal login detection (WordPress, WooCommerce, custom forms)
 * Fixed brute-force bypass caused by plugin-based authentication overrides
 * Improved reliability across different login systems

#### 1.0.5

 * Added session-level lockout fallback via init
 * Improved compatibility with external authentication flows

#### 1.0.4

 * Adjusted authenticate hook priority

#### 1.0.3

 * Lockout stability improvements

#### 1.0.0

 * Initial public release

## 额外信息

 *  版本 **1.2.1**
 *  最后更新：**1 周前**
 *  活跃安装数量 **不到10**
 *  WordPress 版本 ** 6.0 或更高版本 **
 *  已测试的最高版本为 **7.0**
 *  PHP 版本 ** 8.0 或更高版本 **
 *  语言
 * [English (US)](https://wordpress.org/plugins/gatorio/)
 * 标签
 * [Brute Force](https://cn.wordpress.org/plugins/tags/brute-force/)[login](https://cn.wordpress.org/plugins/tags/login/)
   [login protection](https://cn.wordpress.org/plugins/tags/login-protection/)[security](https://cn.wordpress.org/plugins/tags/security/)
 *  [高级视图](https://cn.wordpress.org/plugins/gatorio/advanced/)

## 评级

尚未提交反馈。

[Your review](https://wordpress.org/support/plugin/gatorio/reviews/#new-post)

[查看全部评论](https://wordpress.org/support/plugin/gatorio/reviews/)

## 贡献者

 *   [ sichtelement ](https://profiles.wordpress.org/sichtelement/)

## 支持

有话要说吗？是否需要帮助？

 [查看支持论坛](https://wordpress.org/support/plugin/gatorio/)