I’m usually asked if there is a chance to completely hide a website from WordPress theme detectors.

wordpress vulnerability detector

It’s a good question, but usually, the real question behind it is if there is a chance to protect the website so that hackers will not be able to attack it anymore.

If I get deeper into the question, I would say that the reason to hide a website CSM is to protect the vulnerable themes and plugins from being attacked by hacker’s bots.

Now, this is a really good question and this is the reason we created Hide My WP Ghost plugin for WordPress.

The plugin works like a security through obscurity solution for a WP website. All the WordPress common paths can be changed (not physically changed to avoid massive problems) together with the plugins and themes names.

Once the paths are changed, the old paths can be hidden and get the 404 error (page not found) when hackers bots access these paths.

Here is the list with some of the common paths we are hiding:
wp-admin, wp-login.php, wp-includes, wp-content, wp-json API, wp-content/uploads, author, wp-comment, plugins and themes, wp-config.php, install.php, update.php, etc.

Hide My WP Ghost will also add a shield in .htaccess against parameter script injection and SQL injection. This way you will have a fully protected website.

  • In the premium version of Hide My WP Ghost you will find many security add-ons you can activate for your website:
  • Hide author by ID URL
  • Hide RSD (Really Simple Directory) header
  • Disable directory browsing
  • Hide Emojicons if you don’t use them
  • Disable XML-PRC access
  • Disable Rest API access
  • Disable Embed scripts
  • Disable DB-Debug in Frontend
  • Disable WLW Manifest scripts
  • Brute Force Protection with Math Captcha
  • Brute Force Protection with Google reCaptcha
  • Log user activity

We worked hard to make the plugin compatible with almost all the server types and hosts so that it will be easy to configure the plugin no matter where you host it.

We made the plugin compatible with:
WordPress Multisite, Nginx Servers, IIS Windows Servers, LiteSpeed Servers, Apache Servers, Bitnami Hosting, WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx

 

Find how to configure Hide My WP Ghost plugin and how to hide your website from theme detectors: