Skip to contentSkip to main navigation Skip to footer

Security Feature

7G Firewall for WordPress

WordPress is the most widely used content management system (CMS) on the web, powering more than 40% of all websites. However, its popularity makes it a prime target for hackers and cybercriminals. As a website owner, it’s your responsibility to secure your site and protect it from malicious attacks. One way to do that is by using a firewall.

Firewalls are security programs that protect your website from unauthorized access and malicious traffic. They can help block suspicious traffic, prevent brute-force attacks, and protect against SQL injections and other types of attacks.

The 7G Firewall is an advanced firewall created by Jeff Starr, a well-known WordPress security expert. It offers lightweight, server-level protection against a wide range of threats, including malicious requests, bad bots, automated attacks, spam, and other types of nonsense. The firewall works by analyzing incoming traffic and blocking any suspicious requests before they reach your website.

One of the benefits of using the 7G Firewall is that it’s highly customizable. You can choose from several levels of protection, including minimal, medium, and maximum. The minimal level is suitable for most websites and provides basic protection against common threats. The medium level offers additional protection against more advanced threats, while the maximum level is recommended for high-traffic websites that are frequent targets of attacks.

However, it’s worth noting that the 7G Firewall may not work with all server configurations. If you’re not sure whether it’s compatible with your server, you can select minimal or medium protection to ensure compatibility.


If you’re using Hide My WP Ghost to secure your WordPress website, you can easily activate the 7G Firewall by following the tutorial provided by the plugin. Once activated, the firewall will run silently in the background, protecting your website from a wide range of threats without impacting its performance.

In conclusion, if you’re looking to secure your WordPress website, a firewall is an essential tool to have in your security arsenal. Hide My WP Ghost’s 7G Firewall protection for Apache-based servers is a powerful and customizable solution that can help keep your site safe from malicious attacks.

By following the plugin’s tutorial, you can easily activate the firewall and enjoy the peace of mind that comes with knowing your website is protected.

Disable Hide My WP Ghost for User Roles

Our plugin is designed to provide users with the highest level of security and customization. One unique feature of our plugin is the ability to whitelist specific IP addresses, which allows users to grant access to certain users while blocking others.

This can be particularly useful for businesses or organizations that want to grant access to employees or trusted partners while blocking access to unauthorized users.

If you want to disable the plugin for logged users with specific roles, you can add this code in the functions.php file of the theme:

add_action('template_redirect','hidePathsByUserRole');

function hidePathsByUserRole(){

    if (function_exists('wp_get_current_user')) {
        $user = wp_get_current_user();
        $allowed_roles = array(
            'administrator',
            'editor', 
            'author'
        );

        if( isset($user->roles) && is_array($user->roles) && array_intersect($allowed_roles, $user->roles ) ) {
            add_filter('hmwp_process_paths', '__return_false');
            add_filter('hmwp_process_buffer', '__return_false');
            add_filter('hmwp_process_hide_disable', '__return_false');
            add_filter('hmwp_process_find_replace', '__return_false');
        }
    }
}

The code will disable Hide My WP Ghost for administrators, editors and authors. You can add new roles or remove roles from the code.

Most Popular WordPress Theme Detectors

If you’re a WordPress user, you may be familiar with the concept of theme detection. A WordPress theme detector is a tool that allows you to see which theme a WordPress site is using.

This can be useful for a variety of reasons, including allowing you to see which theme a competitor is using, or simply to find out more about a particular theme you like the look of.

Here are the top WordPress theme detectors, based on their popularity and user reviews:


What WordPress Theme Is That?

This popular theme detector allows you to easily identify the theme and plugins used on any WordPress site. Simply enter the URL of the site you want to inspect and the tool will provide a detailed report on the theme and plugins used.


WP Theme Detector

WP Theme Detector is a free online tool that allows you to quickly and easily identify the theme and plugins used on any WordPress site. Simply enter the URL of the site you want to inspect and the tool will provide a detailed report on the theme and plugins used.


WordPress Theme Detector

WordPress Theme Detector is a free online tool that allows you to easily identify the theme and plugins used on any WordPress site. Simply enter the URL of the site you want to inspect and the tool will provide a detailed report on the theme and plugins used.

However, some WordPress users may not want others to be able to detect the theme they are using on their site. This is where the Hide My WP Ghost plugin comes in. This plugin adds an extra layer of protection to your WordPress site by hiding the fact that you are using WordPress.

Hide My WP Ghost complements other security plugins and tools by adding a different kind of security layer that the others don’t offer. It helps protect your site against common attacks such as script and SQL injection and brute force by camouflaging vulnerabilities without physically changing any files or directories. This makes it difficult for hackers and other malicious actors to detect and exploit vulnerabilities on your WordPress site.

In addition to its camouflage feature, Hide My WP Ghost also includes a security check feature that scans your entire site to indicate its current security level and uncover urgent threats that leave your site exposed to different types of attacks. It provides clear guidance on how to fix each issue, and many can be fixed with just one click.

Overall, Hide My WP Ghost is a valuable addition to any WordPress user’s security toolkit. By hiding the fact that you are using WordPress and providing extra protection against common attacks, it can help keep your site safe and secure.

Hiding plugins like WooCommerce and Elementor

We do not recommend using Hide My WP Ghost to hide classes such as woocommerce and elementor (you can scroll down to the end of this article to see why).

However, since many people requested this feature, we’ve made it available starting with Hide My WP Ghost version 5, as part of our ongoing commitment to deliver solutions that best cater to our customers’ needs.

Note! Please read Hide WordPress from Theme Detectors or from Hackers Bots?

Some plugins like WooCommerce and Elementor are exclusively built for WordPress.

When their class names are detected in the site’s source-code by theme detectors, you will receive the information that your website is using WordPress – even if all the WordPress-specific common paths are changed and hidden.

These plugins not only add their names in the source code but they also add scripts in JS and CSS files based on those class names.

If you want to hide classes like woocommerce and elementor in the text mapping, make sure you follow the steps below to avoid JS and Theme Style errors.


Text Mapping

To activate this option, go to Hide My WP > Mapping > Text Mapping

Add the class names: woocommerce and elementor to then assign them different names such as: ecommerce and landingpage.

As you can see in the example below:

woocommerce becomes ecommerce

elementor becomes landingpage


Text Mapping in CSS and JS files

To activate this option, go to Hide My WP > Mapping > Experimental

NOTE! Enabling this option will create dynamic CSS and JS files, which will significantly slow down a site’s loading time. This is why we recommend that you use a cache plugin to optimize loading speed for your website. In Hide My WP > Plugins, we suggest a few cache plugins for you to choose from.

What can go wrong?

The website’s loading speed is affected – which is NOT good for SEO.

Even if you change the class names and load the CSS and JS dynamically, there are still browser caches, server caches, probably CDN which also caches the files – and it will take some time to refresh all the caches and see the changed classes.

Because of file caching, the class name can appear changed in some files and unchanged in others. This will lead to style and script errors in WordPress.

Protect My WordPress Website

This is the question we asked ourselves as a software company many years ago when we switched our business to WordPress CMS. It’s hard to trust an open-source CMS where our websites will probably end up being hacked.

As a developer, I wanted to know how to protect my WordPress website and how to protect my clients’ websites. I started studying WordPress CMS, its weak points and strong points and I found out that not the WordPress core itself is the main issue but the installed plugins and themes.

Many free plugins and themes were built by beginner programmers without any security knowledge and frankly, they probably didn’t even care about their users. As WordPress CMS can’t work without a plugin or a theme, most probably each production website had installed, at one point, a vulnerable plugin or a theme.

How To Protect My WordPress Website

Luckily, there are many security plugins now that verify the plugin integrity and vulnerability but they can’t keep up with all the last updates and the new plugins on the market.

About 4 years ago our company came up with the idea of creating a security plugin that will protect all the vulnerable plugins and themes by blocking the attacks on the common WordPress URLs and Paths.

This idea led us to create the Hide My WP Ghost plugin. A plugin that allows you to change all the common paths with hidden paths and block the hacker’s bots access to the known vulnerable paths.

We successfully reduced the number of SQL and Script injection attacks up to 99% with the Hide My WP Ghost plugin. We significantly reduced the number of Brute Force and XSS Attacks.

The best part is that Hide My WP Ghost works together with all other security plugins on the market by adding a layer of security for each business.

Some of the popular security plugins are Wordfence, iThemes Security, Shield Security, etc.

We look forward on keeping WordPress the safest open-source CMS and reducing the bot attacks as low as possible.

Secure Hosting Companies

Choosing a safe hosting is also important when you create a website for your business. There are many WordPress dedicated hosting companies who offer security and management.

Some of the great WordPress hosting companies are WpEngine, InMotion, CloudWays, etc.

Note! Keep in mind to choose a plan that will keep a daily backup on your website’s data.

Once you have a secure hosting plan and security plugins installed on your server, you don’t have to worry about getting hacked and you can focus on getting the best out of your online business.

If you have any question, please contact us

Prevent Hack Attacks on WordPress

Using an Open Source CMS with open-source plugins and themes it’s giving a hard time preventing all the hack attacks to your WordPress site.

Many plugins are created by authors who don’t know how to completely secure them. The same with the themes’ authors.

Prevent Hack Attacks

Fortunately, there are security plugins that are built to help you protect your website and prevent hack attacks. Some of them are popular on WordPress: Wordfence, iThemes, Shield Security, etc.

Most of these plugins are working to identify if your website was already hacked but what’s also important is to add a layer on your WordPress site to proactively stop a virus.

The best and simplest way to do this is to change all the known vulnerable paths for all plugins and themes. To do this, you can install Hide My WP Ghost plugin.

Hide My WP Ghost works together with other security plugins and hides the paths from hackers’ bots, stopping all Script and SQL injections. You can also include Brute Force protection to your login page if you want to use only one security plugin for your website.

The Difference Between Safe Mode and Ghost Mode in Hide My WP

Hide My WP Ghost brings a complex level of security through obscurity and protection against hacker bots.

A reason to change the common paths in WordPress is to be able to hide these paths and prevent script injections into your vulnerable plugins and themes.

Is your website secure? Run a free Website Security Check for your website now.

Note! The paths will not be physically changed by the plugin, which means all the previous settings will go back to normal in case you decide to deactivate Hide My WP Ghost.

(more…)

Hide WordPress Website from Theme Detectors or From Hackers’ Bots?

We’re usually asked if there is a chance to “completely” hide a website from WordPress theme detectors.

It’s a good question, but usually, the real question behind it is if there is a chance to protect the website so that hackers will not be able to break in.

(more…)