Turn WordPress into a secure, headless data origin. Redirect public traffic to your frontend, protect static assets, and manage content safely without exposing your API to the world.
Designed for staging environments, internal tools, and hybrid React/WP backends. Origin and destination URLs are never defined inside the plugin—you control the policy.
Redirects all front-end traffic, including anonymous REST API requests, to a configured external destination. Leaves AJAX, Cron, and WP-CLI untouched.
Ref: README.mdPHP validation for static files. Force image and PDF uploads through WordPress permission checks before serving them to the user.
Ref: StaticAssetProtection.mdBuilt-in support for Blue/Green deployments. Split traffic between two landing URLs based on IP hashing for gradual rollouts.
Ref: Settings.phpPerimeter is designed to be environment-neutral. Define your routing logic in a simple MU-plugin filter.
Use the wp2_perimeter_config filter to define your landing URL, status code, and whitelisted paths programmatically.
Infrastructure-grade software needs fail-safes. WP2 Perimeter ensures you never get locked out of your own backend.
We are constantly evolving to support complex infrastructure needs.
Redirect only from specific domains or handle different destinations per hostname.
Direct Editors to a specific portal while sending public traffic to the main site.
Switchable modes for Local, Staging, and Production environments via config profiles.