Skip to content Skip to main navigation Skip to footer

Security Feature

Hiding plugins like WooCommerce and Elementor

We do not recommend using Hide My WP Ghost to hide classes such as woocommerce and elementor (you can scroll down to the end of this article to see why).

However, since many people requested this feature, we’ve made it available starting with Hide My WP Ghost version 5, as part of our ongoing commitment to deliver solutions that best cater to our customers’ needs.

Note! Please read Hide WordPress from Theme Detectors or from Hackers Bots?

Some plugins like WooCommerce and Elementor are exclusively built for WordPress.

When their class names are detected in the site’s source-code by theme detectors, you will receive the information that your website is using WordPress – even if all the WordPress-specific common paths are changed and hidden.

These plugins not only add their names in the source code but they also add scripts in JS and CSS files based on those class names.

If you want to hide classes like woocommerce and elementor in the text mapping, make sure you follow the steps below to avoid JS and Theme Style errors.


Text Mapping

To activate this option, go to Hide My WP > Mapping > Text Mapping

Add the class names: woocommerce and elementor to then assign them different names such as: ecommerce and landingpage.

As you can see in the example below:

woocommerce becomes ecommerce

elementor becomes landingpage


Text Mapping in CSS and JS files

To activate this option, go to Hide My WP > Mapping > Experimental

NOTE! Enabling this option will create dynamic CSS and JS files, which will significantly slow down a site’s loading time. This is why we recommend that you use a cache plugin to optimize loading speed for your website. In Hide My WP > Plugins, we suggest a few cache plugins for you to choose from.

What can go wrong?

The website’s loading speed is affected – which is NOT good for SEO.

Even if you change the class names and load the CSS and JS dynamically, there are still browser caches, server caches, probably CDN which also caches the files – and it will take some time to refresh all the caches and see the changed classes.

Because of file caching, the class name can appear changed in some files and unchanged in others. This will lead to style and script errors in WordPress.

Protect My WordPress Website

This is the question we asked ourselves as a software company many years ago when we switched our business to WordPress CMS. It’s hard to trust an open-source CMS where our websites will probably end up being hacked.

As a developer, I wanted to know how to protect my WordPress website and how to protect my clients’ websites. I started studying WordPress CMS, its weak points and strong points and I found out that not the WordPress core itself is the main issue but the installed plugins and themes.

Many free plugins and themes were built by beginner programmers without any security knowledge and frankly, they probably didn’t even care about their users. As WordPress CMS can’t work without a plugin or a theme, most probably each production website had installed, at one point, a vulnerable plugin or a theme.

How To Protect My WordPress Website

Luckily, there are many security plugins now that verify the plugin integrity and vulnerability but they can’t keep up with all the last updates and the new plugins on the market.

About 4 years ago our company came up with the idea of creating a security plugin that will protect all the vulnerable plugins and themes by blocking the attacks on the common WordPress URLs and Paths.

This idea led us to create the Hide My WP Ghost plugin. A plugin that allows you to change all the common paths with hidden paths and block the hacker’s bots access to the known vulnerable paths.

We successfully reduced the number of SQL and Script injection attacks up to 99% with the Hide My WP Ghost plugin. We significantly reduced the number of Brute Force and XSS Attacks.

The best part is that Hide My WP Ghost works together with all other security plugins on the market by adding a layer of security for each business.

Some of the popular security plugins are Wordfence, iThemes Security, Shield Security, etc.

We look forward on keeping WordPress the safest open-source CMS and reducing the bot attacks as low as possible.

Secure Hosting Companies

Choosing a safe hosting is also important when you create a website for your business. There are many WordPress dedicated hosting companies who offer security and management.

Some of the great WordPress hosting companies are WpEngine, InMotion, CloudWays, etc.

Note! Keep in mind to choose a plan that will keep a daily backup on your website’s data.

Once you have a secure hosting plan and security plugins installed on your server, you don’t have to worry about getting hacked and you can focus on getting the best out of your online business.

If you have any question, please contact us

Prevent Hack Attacks on WordPress

Using an Open Source CMS with open-source plugins and themes it’s giving a hard time preventing all the hack attacks to your WordPress site.

Many plugins are created by authors who don’t know how to completely secure them. The same with the themes’ authors.

Prevent Hack Attacks

Fortunately, there are security plugins that are built to help you protect your website and prevent hack attacks. Some of them are popular on WordPress: Wordfence, iThemes, Shield Security, etc.

Most of these plugins are working to identify if your website was already hacked but what’s also important is to add a layer on your WordPress site to proactively stop a virus.

The best and simplest way to do this is to change all the known vulnerable paths for all plugins and themes. To do this, you can install Hide My WP Ghost plugin.

Hide My WP Ghost works together with other security plugins and hides the paths from hackers’ bots, stopping all Script and SQL injections. You can also include Brute Force protection to your login page if you want to use only one security plugin for your website.

The Difference Between Safe Mode and Ghost Mode in Hide My WP

Hide My WP Ghost brings a complex level of security through obscurity and protection against hacker bots.

A reason to change the common paths in WordPress is to be able to hide these paths and prevent script injections into your vulnerable plugins and themes.

Is your website secure? Run a free Website Security Check for your website now.

Note! The paths will not be physically changed by the plugin, which means all the previous settings will go back to normal in case you decide to deactivate Hide My WP Ghost.

(more…)

Hide WordPress Website from Theme Detectors or From Hackers’ Bots?

We’re usually asked if there is a chance to “completely” hide a website from WordPress theme detectors.

It’s a good question, but usually, the real question behind it is if there is a chance to protect the website so that hackers will not be able to break in.

(more…)