WP Engine's Managed WordPress Hosting Affiliate Program. Earn up to tens of thousands of commissions for just one referral by recommending the best managed hosting on the World's only WordPress Digital Experience Platform.
Description
What Is Wp Engine
Hide My WP Ghost is a WordPress Security plugin. It’s one of the best security through obscurity WordPress plugins.
We would like to show you a description here but the site won’t allow us. Administration: AJAXify image resizing, clarify engine selection, only load css/js on actual plugin page; Handle progressbar version incompatability for jQuery UI 1.8 (in WP 3.1) and jQuery UI 1.7 (in WP 3.0) Tested with WordPress 3.1-RC2; 1.1.2. Fix bug with forced resize of custom image sizes; Fix warning with openbasedir restriction during.
It has over 70.000 secured websites, over 1,600,000 brute force attempts protection and over 6.000 login email alerts.
The plugin adds filters and security layers to prevent Scripts and SQL Injections, Brute Force attacks, XML-RPC attacks and more.
It changes and hides the common paths, plugins and themes paths offering the best protection against hacker bots attacks.
Note! No file or directory is physically changed. All the changes are made by redirects. All the actions are done automatically by the plugin.
After the common paths are changed, all the common paths are hidden from hackers to protect all the plugins and themes.
Check the Demo Website source code:
https://demo.wpplugins.tips/
(the elementor is changed in files and classes using the PRO version)
Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpplugins.tips/wp-admin
https://demo.wpplugins.tips/wp-login
Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpplugins.tips/wp-content
https://demo.wpplugins.tips/wp-content/plugins
https://demo.wpplugins.tips/wp-content/themes
The plugin works with other security plugins and adds a layer of firewall to proactively secure your WordPress website against hackers.
Hide My WP Ghost is compatible with all servers, hosting services, and also supports WP Multisite.
Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.
Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.
For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.
Is your website secure? Check your website with Free Website Security Check
Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php and wp-login and change the common WordPress paths like wp-content, wp-includes, uploads and more.
Please support us and translate the plugin in your language:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp
Thank you all for your trust, support and positive reviews!
FREE Hide My WP Ghost – Security Features (over 40 free security options):
- Hide WordPress wp-admin URL and redirect it to 404 page or a custom page
- Hide WordPress wp-login.php and redirect it to 404 page or a custom page
- Change the wp-admin and wp-login URLs
- Change lost password URL
- Change register URL
- Change logout URL
- Change activation URL
- Change admin-ajax URL
- Change wp-content URL
- Change wp-includes URL
- Change uploads URL
- Change comments URL
- Change author URL
- Change plugins name URL
- Change themes name URL
- Change category URL
Change tags URL
Custom login redirects based on useer role
Custom logout redirects based on useer role
Change URLs from Relative to Absolute
- Change URLs in Ajax calls
- Change URLs for Logged Users
- Change paths in Sitemap.xml
- Change paths in Robots.txt
Hidden Paths:
- Hide /wp-admin Path
- Hide /wp-login Path
- Hide /login Path
- Hide plugins Paths
- Hide themes Paths
- Hide REST API wp-json
- Hide WordPress HTML comments
- Hide Version and WordPress Tags
- Hide DNS Prefetch WordPress link
- Hide WordPress Generator Meta
- Hide RSD (Really Simple Directory) header
- Hide Emojicons if you don’t use them
Disable Paths:
- Disable REST API access
- Disable XML-RPC access
- Disable Embed scripts
- Disable DB-Debug in Frontend
- Disable WLW Manifest scripts
Brute Force Protection:
- Brute Force with Math Captcha
Extra Features:
- Backup and Restore settings
- Fix relative URLs
- Change classes using Text Mapping from HTML code
- Cache CSS, JS and Images to optimize the loading speed
- Weekly security check and reports
Integrations:
- Support for WP Multisite
- Support for Nginx
- Support for IIS
- Support for LiteSpeed
- Support for Apache
- Support for WP Engine
- Support for Inmotion Hosting
- Support for Hostgator Hosting
- Support for Godaddy Hosting
- Support for Host1plus
- Support for Payperhost
- Support for Fastcomet
- Support for Dreamhost
- Support for Bitnami Apache
- Support for Bitnami Nginx
- Support for Google Cloud Hosting
- Support for Litespeed Hosting
Support for Flyweels Hosting
Recommended by Wp Rocket
- Recommended by WPML
See All FREE Security Features:
https://hidemywp.co/security-features/
Compatible with: WP Multisite, Apache, Litespeed, Nginx and IIS.
Plugins Compatibility updates: ManageWP, WPML, W3 Total Cache, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress,
All In One SEO, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, iThemes Security, Sucuri Security,
Back-Up WordPress, Elementor Page Builder, Weglot Translate, AddToAny Share Btn, WordFence Security, Sucuri Security, Asset CleanUp
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Litespeed Hosting, Flyweels Hosting
To hide all the common WordPress paths you need Hide My WP Ghost version. Check all the Ghost security features below.
The admin URL is the most common path that hackers use to break your WordPress site.
Being able to cover up the common paths is critical because you get to keep intruders away from sensitive website data.
This is crucial, and it will provide you with a great experience and really good results in the long term.
It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.
If you don’t protect yourself, you will end up having a hacked website sooner or later.
This is a free version of the plugin so you can use it for all your blogs without any restrictions.
No theme or other plugins functionality will be blocked, everything will function the same
Note: The plugin requires custom permalinks. Make sure you have it activated at Settings > Permalinks
Hide My WP Ghost Premium security features:
- Hide WordPress /wp-admin path
- Hide WordPress /wp-login.php path
- Hide WordPress /wp-login/ path
- Hide WordPress /login path
- Custom wp-admin and wp-login paths
- Custom admin-ajax.php URLs
- Custom lost password URL
- Custom register URL
- Custom activate URL
- Custom logout URL
- Custom wp-includes path
- Custom wp-content path
- Custom REST API wp-json path
- Custom plugins name
- Custom themes name
- Custom themes style name
- Custom plugins path
- Custom uploads path
- Custom authors path
- Custom comment URL
- Custom category path
Custom tags path
Custom login redirects based on useer role
- Custom logout redirects based on useer role
Hidden Paths:
- Hide plugins name
- Hide themes name
- Hide style IDs and META IDs
- Hide author by ID URL
- Hide WordPress common paths like: wp-content, wp-includes, /plugins, /themes, upgrade.php
- Hide WordPress common files like: upgrade.php, install.php, activate.php, wp-config.php, etc.
- Hide RSD (Really Simple Directory) header
- Hide DNS Prefetch WordPress link
- Hide WordPress Generator Meta
- Add Firewall against SQL/Script injection
- Hide wp-caption, wp-image, wp-blocks, wp-post classes and ids, and more
- Hide Emojicons if you don’t use them
- Change URLs in Ajax calls
- Change URLs in all Caches files
- Change paths in Sitemap.xml
- Change paths in Robots.txt
Mapping Text and URLs:
- Change URLs using URL Mapping
- Change classes using Text Mapping
- Change text in CSS and JS files
- Change CDN URLs using CDN Mapping
- Change paths in the cache files
- Change paths in the Sitemap XML
- Change paths in the Robots.txt
Disable Paths:
- Disable XML-RPC access
- Disable Rest API access
- Disable Embed scripts
- Disable DB-Debug in Frontend
- Disable WLW Manifest scripts
- Disable directory browsing
Brute Force Protection:
- Brute Force Protection with Math Captcha
- Brute Force Protection with Google reCaptcha
- Custom attempts, timeout, message
- Manage Blacklist and Whitelist IPs
Wordpress Engine
Log Activity:
- Log user activity
- Set security alerts by email if users login from different IPs
- Set security alerts by email on Brute Force attacks
- Set security alerts by email if users delete articles
- Set security alerts by email if users delete articles
- Security Check with over 30 check points
Integrations:
- Support for WP Multisite
- Support for Nginx
- Support for IIS
- Support for LiteSpeed
- Support for Apache
- Support for WP Engine
- Support for Inmotion Hosting
- Support for Hostgator Hosting
- Support for Godaddy Hosting
- Support for Host1plus
- Support for Payperhost
- Support for Fastcomet
- Support for Dreamhost
- Support for Bitnami Apache
- Support for Bitnami Nginx
- Support for Google Cloud Hosting
- Support for Litespeed Hosting
Support for Flyweels Hosting
Recommended by Wp Rocket
- Recommended by WPML
Protection against:
- Brute Force Attacks,
- SQL Injection Attacks
- Script Injection Attacks
- Cross Site Scripting (XSS)
- and more
See All Premium Security Features:
https://hidemywpghost.com
Check the Demo Website:
https://demo.wpplugins.tips/
Once you use the Hide My WP Ghost plugin you will get custom upload paths, author paths, plugin paths and so on.
You will also have the ability to remove unwanted classes, hide content, disable scripts and so on.
Hide My WP Ghost does an exceptional job at helping you get support for WP Multisite, for Bitnami Servers, Apache, LiteSpeed, Nginx, IIS, WP Rocket Plugin and many others.
It is worth it, so you may want to check it out.
Also, just because you want to add a WordPress Security plugin that hides the common paths, doesn’t mean the plugin has to be slow.
Hide my WP Ghost is very fast, and it won’t impact your website in any negative way.
On the contrary, it will hide the common paths, deliver all the WordPress Security features above and much more while also keeping the site faster at all times!
Important! This is not the Hide My WP Nulled version of the Hide My Wp Codecanyon plugin.
Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?
Installation
Manually install the Hide My WP Ghost Lite plugin:
Step 1. Log In as an Administrator on your WordPress site.
Step 2. In the menu displayed on the left, there is a ‘Plugins’ tab. Click it.
Step 3. Now click ‘Add New’.
Step 4. There, you have the ‘Upload’ button. Click the ‘Upload’ button
Step 5. Upload the hide-my-wp.zip file.
Step 6. After the upload it’s finished, click Activate Plugin.
Step 7. Connect the plugin using your email to get a free access token
Step 8. Follow the setup guide from: https://hidemywpghost.com/article/how-to-install-hide-my-wp-ghost-lite/
Enjoy!
Install Hide My WP Ghost Lite directly from WordPress directory:
Step 1. Log In as an Administrator on your WordPress site.
Step 2. In the menu displayed on the left, there is a ‘Plugins’ tab. Click it.
Step 3. Search for ‘Hide My WP’.
Step 4. After the plugin is shown, click Activate Hide My WP Ghost
Step 5. Connect the plugin using your email to get a free access token
Step 6. Follow the setup guide from: https://hidemywpghost.com/article/how-to-install-hide-my-wp-ghost-lite/
Enjoy!
Hide My WP Ghost Knowledge Base:
https://hidemywpghost.com
FAQ
Does this plugin work on WP Multisite?
Yes, the plugin works on WP Multisite and you will configure it for the entire network.
The plugin also works with Apache, Nginx, IIS and LiteSpeed servers
Is Hide My WP Ghost working on Nginx Server?
Yes, the plugin works on Nginx Server and you will be guided for the redirects and nginx.conf settings.
The plugin also works with Apache, IIS and LiteSpeed servers
My website theme is not loading correctly after I change the paths. What should I do?
This issue is most likely from setting the rewrite rules.
- Make sure you purge the cache if you have cache plugins after you save the Hide My WP Ghost settings.
- In case the .htaccess (for apache) or nginx.conf (for Nginx) or web.config (for IIS) are not writable you need to add the rewrites manually.
- If you have Nginx server make sure you reload the Nginx after you save the settings.
- If the theme is still not loading okay, contact us and we can set up the plugin for you for free.
You can find useful information here: https://hidemywpghost.com/knowledge-base/
I forgot the custom login and admin URLs. What now?
Don’t panic.
You can still access your site with the secure parameter
http://domainname/wp-login.php?hmw_disable=[your_code]
Locked out of my site! I set the plugin, and after I logged out I couldn’t get back in
Rename the plugin directory /wp-content/plugins/hide-my-wp so that the plugins won’t hide the wp-login.php path anymore
Login using http://domainname/wp-login.php and activate the plugin again.
Make sure you remember the secure parameter and it will be much easier.
Does Hide My WP Ghost work for WordPress.com website?
Because of the Jetpack security in WordPress.com website, Hide My WP Ghost can’t change the admin and login paths.
If you already activated Hide My Wp on WordPress.com, remove the directory /wp-content/plugins/hide-my-wp to disable the plugin.
Will this plugin work if I don’t have custom permalinks on my site?
No. You need to have custom permalinks set to ‘on’ in Settings > Permalinks.
You will get a notification in the Settings page if something is not setup right.
What do I need to do before I deactivate the plugin?
It’s better to switch to Default Mode in Settings > Hide My WP.
If you don’t, the plugin will automatically change your site back to the safe URLs and it will tell you what to do if you don’t have write permission for the config files
Is this Plugin free of charge?
Yes. The Lite features of Hide My WP Ghost plugin will always be free.
We will include all the required WordPress Security updates.
To unlock all the features, please visit: https://hidemywpghost.com/hide-my-wp-pricing/
How to set the plugin on Nginx server?
Please follow this tutorial step by step to set up the Hide My WP Ghost for Nginx server:
Setup Hide My WP Ghost on Nginx Server
Configure Hide My Wp Ghost On Nginx Web Server With Virtual Private Server
How to Hide Your Site From WordPress Theme Detectors?
Changing the common WordPress paths will not guarantee that the WordPress CMS is completely hidden.
The old paths are still accessible and hackers are still able to inject SQL and Javascript into vulnerable installed plugins and themes.
Read more: How to Hide Your Site From WordPress Theme Detectors
Is this plugin enough to protect my website from all hackers?
The Free version of Hide My WP Ghost hides the wp-admin and wp-login as described but will not protect you from all hacker attacks.
Hide My WP Ghost hides all the common paths and patterns used but bots to detect that you are using WordPress.
We also recommend you to install Premium Themes and Plugins and not just any WordPress plugin because the free plugins are usually made by beginners and they don’t have security knowledge.