描述
Login Obfuscator makes your login responses more unpredictable to brute-force bots. It adds a subtle security layer by sending an HTTP 403 Forbidden status on failed login attempts, confusing automated attacks that expect standard 200 or 302 responses.
This plugin is simple and silent:
* No configuration required
* No user interface
* Works automatically on activation
Why it works:
* Bots rely on predictable responses (200 = fail, 302 = success)
* A 403 status confuses many automated scripts
* Some bots slow down or stop attacking altogether
屏幕截图
screenshot-1.png – How it works. 
screenshot-2.png – Example of a failed login HTTP 403 response (shown in browser dev tools).
安装
- Upload the plugin files to the
/wp-content/plugins/login-obfuscatordirectory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress.
- Done — there are no settings or UI.
评价
2026 年 1 月 23 日
This looks like a really good and simple solution 🙂
2026 年 1 月 7 日
It is a clever and effective plugin, successfully confusing bots and reducing brute-force attacks.
贡献者及开发者
更新日志
1.2
- Minor fixes and code cleanup
1.0
- Initial release: sends HTTP 403 on failed login attempts