Barbwire Security


This plugin enhances the WordPress security.
Effective such as the brute force attack.
Includes the following specific functions.

1.Change the URL of the login screen, to avoid attacks on the login screen.
You can ward off tying for try to login for cracking, such as Brute-force attack.
Adding parameter to login URL so that default login url will hidden.

2.Block the display of author archive page
WordPress leaks your login id because of redirect author archive page by author id to login id.
(If you enter “your-site-url/?author=1”, you can try it.)
Simply hideing author archive page so that block to leak login id.

3.To disable the part of the XML-RCP feature prevents the attack.
Block DDOS attacks against other sites with yor WordPress site, pingback enabled.

4.Disable the REST API function and reduce the risk of receiving external attacks.
You can disable all REST APIs and you can partially disable them.

These features will be able to choose whether or not to enable.

This plug-in does not change the .htaccess
You can use with confidence.
Also it works in both Apache and nginx.

(photo by Keoni Cabral


  • Setting

  • Setting

  • Help


  1. Install and activate the plugin through the ‘Plugins’ menu in WordPress.
  2. Go to Settings > Barbwire Security.
  3. Perform the necessary settings and press the Save button.


Read all 1 review

Contributors & Developers

“Barbwire Security” is open source software. The following people have contributed to this plugin.


Translate “Barbwire Security” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



First release


fix error error of removing the plugin


fix php warning message


fix login page will divulge, when using Permalink settings
Thanks to @nyarocom pointed out.(


fix disnable pingback function was not working
add function block the display of author archive page
add help documentation


fix readme.txt


Add new function, Disable the REST API
Refactor source codes


fix settings page duplication
Specify support for version 4.8.2




change Possible to finely set the restriction of REST API
change Move menu to submenu of option
fix Remove Notice Error in setting page
add Link to setting page to plugin list page
Specify support for version 4.9


fix Error on setting screen in Version 4.6.x or earlier.


fix Error when the version of WordPress does not support REST API.