To stop the Hide My WP Ghost plugin from checking for updates, add the following line to your wp-config.php file:
define('WP_AUTO_UPDATE_HMWP', false);This will disable the automatic update check for the plugin. To update the plugin manually, click on the “Check for Updates” link in the plugin list.
No, it is not recommended to use the same login path if you have multiple security plugins installed on your website. Each security plugin or theme that offers a custom login path option should be configured with different login paths.
When you set up multiple security plugins, each with its own custom login path feature, using the same login path across different plugins can create style & redirect conflicts. This can result in potentially exposing your custom login path.
1. Use Different Login Paths: Configure a unique login path for each security plugin. For instance, if you are using Hide My WP Ghost and another security plugin, set a custom login path in the other security plugin (e.g., /custom-login) and a different random login path in Hide My WP Ghost (e.g., /random-login-path).
2. Hide Default Paths: In Hide My WP Ghost, ensure that you enable the option to hide the default WordPress login paths (/wp-login.php and /login). This will prevent bots and unauthorized users from accessing the login page via the default URLs.
3. Styled Login Page: Using different login paths allows you to maintain a styled login page provided by the theme or security plugins, while also benefiting from the enhanced security features of Hide My WP Ghost.
/custom-login/random-login-path/wp-login.php and /loginBy following this approach, you can ensure that each plugin operates effectively without interference, providing both enhanced security and a customized login experience for your WordPress site.
There are some situations that could lead to Elementor stop working when activating Safe Mode or Ghost Mode. This might be from the server configuration or the cache.
1. Your server is NGINX. In this case, you need to make sure you follow the instructions to add the new paths in the Nginx config file:
2. You set a new admin path and your server doesn’t support any custom wp-admin. In this case, you need to restore the original wp-admin using the options from: Hide My WP > Change Paths > Admin Security.
3. You set a new REST API path and didn’t clear the cache and CDN, and there are still calls on the old REST API path.
4. If you set a new admin-ajax.php path and the server or the active plugins are not designed to work with it, change the ajax back to default from Hide My WP > Change Paths > Ajax Security
5. One last thing, see if it works when you Switch off the option Hide My WP > Tweaks > Change Options > Change Paths for Logged Users.
Installing security plugins in WordPress is essential to protect your website from potential threats and vulnerabilities. There are various security plugins available for WordPress that can help reinforce your website’s security measures. In this guide, we will explore the process of installing security plugins in WordPress in detail.
To install security plugins in WordPress, follow these steps:
To install plugins, you need to log in to your WordPress admin area using your admin credentials. Typically, you can access the dashboard by appending “/wp-admin” to your domain name (e.g., www.yourwebsite.com/wp-admin).
Once logged in, locate the “Plugins” tab on the left-hand side of the dashboard and click on it. This will take you to the Plugins page where you can manage and install plugins.
On the Plugins page, you’ll find an “Add New” button at the top. Click on it to proceed.
In the search bar on the Add Plugins page, enter the name of the security plugin you’ve selected or use relevant keywords. WordPress will display a list of plugins matching your search query.
Locate your desired security plugin from the search results and click on the “Install Now” button next to it. WordPress will automatically install the plugin onto your website.
Once the installation is complete, you’ll see an “Activate” button. Click on it to activate the plugin. Activation is necessary before you can configure and use the plugin’s security features.
After activation, you can usually access the settings of your security plugin from the “Plugins” or “Settings” tab in your WordPress admin area. It’s vital to configure the plugin according to your preferences and requirements.
Each security plugin will have its own configuration process, so it’s advisable to consult the plugin’s documentation or support resources for guidance.
Security plugins often release updates to incorporate new features and address potential vulnerabilities. It’s crucial to stay up to date with these updates by checking for plugin updates regularly. You can do this by visiting the Plugins page in your WordPress dashboard, where you will see a notification if updates are available for any installed plugins.
To ensure continuous protection, configure your security plugin to perform regular security scans, including malware scanning and vulnerability checks. This process allows the plugin to detect and identify any potential threats or weaknesses on your website.
Remember, installing security plugins is just one part of a comprehensive security strategy for your WordPress site. Additional security measures, such as strong passwords, two-factor authentication, regular backups, and secure hosting, should also be implemented to maximize your website’s security.
Since WordPress is the most popular content management system (CMS), its high popularity has also made it an attractive place for hackers and malicious actors.
As a WordPress website owner, you should prioritize hacking you secure the internet, protect your data and protect your visitors. The question arises: do you really need a security plugin for WordPress? Let’s explore the importance of having a dedicated security plugin.
The internet is a place for cyberbullying, and WordPress websites are no exception. Cybercriminals often target WordPress sites with various attacks such as brute force attacks, malware injections, DDoS attacks, etc.
These attacks can cause data breaches, website corruption, identity theft, and compromised user experiences. Security plugin implementation these It serves as an important defense mechanism against threats.
WordPress security plugins are designed to provide complete protection against vulnerabilities and common exposures (CVEs). These plugins offer features such as real-time threat detection, malware scanning, and firewalls to detect and block malicious activity.
Security measures can be updated and enforced on their own. Check the integrity of your website, and your WordPress installation, against potential vulnerabilities.
With a security plugin, you gain access to vulnerability management tools that can detect outdated software, plugins, or themes. Outdated components can pose significant security risks, as attackers often exploit known vulnerabilities.
A security plugin can automatically scan your WordPress site for outdated software and plugins, and provide timely updates or guidance for patching vulnerabilities.
Brute force attacks involve multiple login attempts to gain unauthorized access to your WordPress admin panel.
The security plugin can apply access restrictions, allowing you to block login attempts and block IP addresses associated with suspicious activities.
This greatly reduces the risk of successful brute-force attacks and helps keep your website secure.
User accounts on your WordPress website can also be vulnerable to attacks.
With a security plugin, you can enforce a strong password policy, implement two-factor authentication, or even monitor user activity.
These features increase the security of user accounts and reduce the risk of unauthorized access to sensitive information.
One of the main benefits of using a security plugin is that it gives you peace of mind.
Knowing that your WordPress website is tightly protected against potential threats can help you focus on creating valuable content, growing your business, or the side of your online presence on other important issues.
Security plugins help reduce the risk of security breaches and ensure you are well-prepared to handle unexpected situations.
“Do I really need a security plugin for WordPress?” It said YES. The ever-changing threat landscape and the increasing prevalence of cyber-attacks necessitates the implementation of strong security measures.
The dedicated WordPress security plugin provides maximum security, protecting your site from malicious applications and cyber threats.
With a security plugin, you can protect your data, protect your visitors, and ensure your online presence is stable and long-lasting.
If the Style and/or JavaScript is not working properly on your website after activating Hide My WP Ghost, the issues you’re encountering could be due to a few different configuration settings within the plugin. Here are steps you can take to resolve the most common problems:
It is also recommended not to use the experimental options from Hide My WP > Mapping > Experimental.
Aside from these specific settings, general advice includes ensuring that you follow the instructions based on your server type after saving the settings, checking the rewrite rules in the config file, and making sure that all rewrite rules are loaded correctly depending on whether your server is Apache, Litespeed, Nginx, or others.
https://hidemywpghost.com/theme-not-loading-correctly-website-loads-slower/
If you have activated Text Mapping in CSS and JS, be aware that this can cause CSS and JS URLs to load dynamically, which might slow down your site if these resources are not cached on the first call.
By adjusting these settings, you should be able to address the most common issues related to Styles and JavaScript functionality on your site with Hide My WP Ghost activated.
To block WP content using Hide My WP Ghost, you can change the wp-content path and then hide it using the option to Hide WordPress Common Paths.
This effectively obscures the common directories of your WordPress site, making it more difficult for automated bots and malicious users to identify and access your site’s content.
wp-content path to something unique and not easily guessable.wp-content path.wp-content directory, which contains themes, plugins, and uploads, is now hidden from the common paths that hackers target.
The process is user-friendly and is managed from within the plugin’s settings, providing a straightforward way to enhance the security of your WordPress installation.
The Hide My WP plugin is a security solution for WordPress sites that aims to address one of the platform’s significant challenges: its popularity makes it a common target for hackers, bots, and spammers. This plugin helps to mitigate such threats by obscuring the fact that a website is powered by WordPress, which can be a crucial step in preventing attacks that exploit WordPress-specific vulnerabilities.
https://hidemywpghost.com/hide-my-wp-why-you-must-have-it/
Installing the plugin is straightforward: it is uploaded and activated through the WordPress Admin panel. Once installed, configuration is key. Adjust settings to protect the WordPress admin and login areas, change URLs, activate firewalls, and secure all headers. These measures effectively make it more difficult for unauthorized users to identify and exploit WordPress-specific paths and files.
Hide My WP plugin is both user-friendly and a potent tool for enhancing the security of a WordPress site.
It works proactively to secure WordPress sites. It not only cloaks the common identifiers of a WordPress site but also operates alongside other security plugins. This cooperative functionality enhances a website’s overall security posture by adding layers of protection.
https://hidemywpghost.com/hide-wordpress-website-from-theme-detectors-or-against-hackers/
The plugin’s proactive approach means that it anticipates security issues before they happen, providing a comprehensive shield against potential vulnerabilities. With Hide My WP, users can benefit from a robust, multi-faceted security strategy that integrates seamlessly with existing security measures to fortify their WordPress sites against threats.
To make your WordPress site invisible while you’re building it and ensure security, you can follow these steps:
By following these steps, you can build your WordPress website privately, ensure security while it’s in development, and prevent it from being indexed by search engines until you’re ready to make it public.
I’m super excited to talk to you about a fantastic solution for cloaking your WordPress site. Now, you might be wondering, ‘What in the world is cloaking, and why do I need it for my WordPress site?’ Don’t worry; I’ve got you covered!
Cloaking, in the WordPress world, refers to the technique of hiding or disguising certain elements of your website to protect it from hackers and malicious bots. It’s like putting on an invisibility cloak on your website’s most vulnerable parts, ensuring that the bad guys can’t find and exploit them.
And when it comes to choosing the best plugin for this job, my top recommendation is none other than Hide My WP Ghost. This plugin is an absolute game-changer, and it’s been used on over 200.000 WordPress websites so far.
Hide My WP Ghost does an incredible job of hiding your WordPress core files, login URLs, and admin URLs to enhance your site’s security. It also goes the extra mile by providing additional layers of protection, such as firewall security, which prevents malicious scripts from harming your site.
What I love the most about Hide My WP Ghost is how user-friendly it is. You don’t need to be a tech guru to set it up; the plugin takes care of the heavy lifting for you. Plus, it’s super lightweight, ensuring that your website’s performance isn’t compromised.
So, if you’re on the lookout for a reliable and efficient cloaking solution for your WordPress site, I can’t recommend Hide My WP Ghost enough. Give it a try, and take the first step towards a more secure and robust WordPress experience!”
I hope this helps!
To hide the WordPress version and related information from images, CSS, and JavaScript files in WordPress, you can use the “Hide My WP Ghost” plugin. Here’s how you can achieve this:
By enabling this feature in Hide My WP Ghost, the plugin will hide all version information from images, CSS styles, and JavaScript files within your WordPress site.
This helps enhance security by preventing potential attackers from easily identifying the WordPress version and any associated vulnerabilities.
Keep in mind that this feature works to hide version details as long as the Hide My WP Ghost plugin is active on your website.
To hide the theme name in WordPress, you can use a WordPress plugin like “Hide My WP Ghost.” Here’s how you can do it using the Hide My WP Ghost plugin:
With these steps, Hide My WP Ghost will hide the theme names from public view on your WordPress website. This can help improve the security of your site by obscuring information about the themes you are using.
Keep in mind that this functionality will work as long as the Hide My WP Ghost plugin is active.
To hide your WordPress site from the public while you’re building it and ensure security, you can follow these steps:
By following these steps, you can build your WordPress website privately, ensure security while it’s in development, and prevent it from being indexed by search engines until you’re ready to make it public.
Two-Factor Authentication (2FA) has become an essential security measure in today’s digital world. By adding an extra layer of protection to your login process, 2FA significantly reduces the risk of unauthorized access to your website.
If you’re a WordPress user, implementing 2FA is relatively simple, especially with the help of plugins. One such plugin is “Hide My WP Ghost,” which not only provides 2FA functionality but also offers multiple other security features.
In this article, we will walk you through the steps to set up Two-Factor Authentication in WordPress using the Hide My WP Ghost plugin, specifically focusing on:
By using the Hide My WP Ghost plugin, WordPress users can easily integrate 2FA into their sites, offering an enhanced level of security. Whether you choose authentication by code or by email, you’re taking a significant step toward protecting your website and its users.
IsItWP.com is a website that offers tools and resources related to WordPress. One of its features is the ability to detect whether a website is using WordPress as its content management system (CMS). When IsItWP.com detects that a website is powered by WordPress, it applies caching to the results for a period of up to 30 days.
Caching is a technique used to improve website performance by temporarily storing a version of a webpage or its components. When a user visits a website, the cached version is served instead of generating the page from scratch, resulting in faster load times.
In the case of IsItWP.com, once it identifies a WordPress-powered website, it stores the information about the WordPress themes and plugins used on that site in its cache. This means that subsequent visits to the same website within the caching period will retrieve the information from the cache instead of rechecking the website.
To demonstrate this functionality, you can test it by providing a blank index page (a page without any content) instead of an actual website. IsItWP.com will still detect that it’s a WordPress CMS and apply caching to the results.
If you prefer to use theme detectors that check the website every time you run a check, you can try the following alternatives:
These alternatives offer the advantage of checking the website every time you run a check, ensuring that you receive the most up-to-date information about the themes and plugins used on a WordPress site.
WordPress is a widely used content management system (CMS) for creating websites. However, there may be instances where you want to hide certain aspects of your WordPress site for security or privacy reasons.
Hiding your WordPress site offers several benefits, including enhanced security, improved privacy, protection against targeted attacks, and the ability to safeguard your branding and competitive advantage.
Methods to Hide Your WordPress Site:
Hide My WP Ghost is a security plugin designed specifically for WordPress sites.
It provides features such as hiding WordPress fingerprints, obfuscating URLs, and blocking malicious requests.
Here’s how Hide My WP Ghost addresses each of these features:
Hide My WP Ghost allows you to easily change the default login URL of your WordPress site.
By modifying the login URL, you can effectively protect your site from unauthorized login attempts and brute-force attacks.
The plugin provides a user-friendly interface where you can set a custom login URL of your choice, making it difficult for attackers to locate the login page.
Read more: Change & Hide Paths
Displaying the WordPress version can make your site a target for attacks that exploit known vulnerabilities in specific versions.
Hide My WP Ghost addresses this issue by providing an option to hide the WordPress version number.
By enabling this feature, the plugin modifies the HTML source code of your site to remove any references to the WordPress version. This ensures that potential attackers cannot easily identify the version you are using, thereby reducing the risk of targeted attacks.
Read more: Hide WordPress Version
Changing the default names of your themes and plugins adds an extra layer of security by making it challenging for attackers to identify specific vulnerabilities associated with them.
Hide My WP Ghost includes a feature that allows you to obfuscate the names of your themes and plugins.
By enabling this option, the plugin dynamically renames the theme and plugin files, making it harder for potential attackers to determine the exact themes and plugins you are using.
This significantly reduces the risk of targeted attacks exploiting known vulnerabilities in specific themes or plugins.
Read More: Change Plugins/Themes Paths
Securing the wp-admin directory is crucial for preventing unauthorized access to the backend of your WordPress site.
Hide My WP Ghost provides enhanced protection for the wp-admin directory by implementing various security measures.
The plugin helps block malicious requests, restricts access to sensitive files and directories, and prevents common types of attacks targeted at the wp-admin area.
It offers an additional layer of security by concealing the actual URL structure and redirecting unauthorized access attempts.
Read More: Change and Hide WP-Admin Path
Directory browsing allows visitors to see the contents of your website’s directories, which can potentially expose sensitive information and vulnerabilities.
Hide My WP Ghost enables you to disable directory browsing effortlessly.
The plugin adds specific rules to your website’s .htaccess file, preventing anyone from directly accessing and browsing the directories.
This effectively hides the directory structure and reduces the risk of attackers identifying potential vulnerabilities through directory browsing.
Read More: Disable Directory Browsing
Absolutely! Hide My WP Ghost offers comprehensive protection by allowing you to hide the plugins and themes you are using on your website.
It achieves this by assigning custom names and paths to these elements, making it difficult for potential attackers to identify them.
Additionally, you have the option to further enhance the security by hiding the common paths associated with WordPress itself. By navigating to Hide My WP > Change Paths > WP Core Security, you can activate the “Hide WordPress Common Paths” option, ensuring an extra layer of protection for your website’s core functionality.
Read more:
Have you encountered an issue where your website’s theme layout fails to load correctly? Don’t worry, we’re here to help you understand and resolve this problem.
When the new paths for CSS and JS files fail to load correctly, it typically indicates that the paths have not been properly configured. Let’s explore a couple of common scenarios and their corresponding solutions.
To assist you further, we’ve created a comprehensive tutorial specifically designed to address this issue.
You can find it at the following links:
Setup Hide My WP Ghost on Nginx Server – Hide My WP Ghost
Configure Hide My WP Ghost On Nginx Web Server With Virtual Private Server – Hide My WP Ghost
For a detailed guide on configuring Hide My WP Ghost plugin on Apache servers, refer to the following link:
Configuring Hide My WP on Apache Servers
It’s important to note that after making changes to the paths, you should follow any instructions provided within the plugin. Some hosting providers, such as WP Engine, may require special configurations.
We understand that encountering issues with theme layout loading can be frustrating. However, with the help of our tutorials and step-by-step instructions, you’ll be able to resolve this issue and ensure that your website’s theme layout loads correctly.
Remember, a well-functioning and visually appealing website contributes to a positive user experience, so don’t hesitate to address any issues promptly. Happy troubleshooting!
Naturally, you may have concerns about the impact of using security plugins on your website’s loading speed. In this article, we will address the common misconception surrounding the Hide My WP Ghost plugin and its effect on website performance.
With the ever-increasing number of cybersecurity threats, safeguarding your website has become essential. Hide My WP Ghost provides a robust solution by changing the default paths and URLs of your website, making it more challenging for hackers to exploit vulnerabilities. But does this security measure come at the expense of your website’s loading speed? Let’s find out.
Contrary to popular belief, using the Hide My WP Ghost plugin does not significantly impact your website’s loading speed. In fact, the changes made by the plugin are executed swiftly and efficiently. On average, the path changes occur in just 0.05 seconds, ensuring a seamless transition for your visitors.
Many websites utilize cache plugins to enhance performance by storing static versions of their pages. The good news is that Hide My WP Ghost works harmoniously with cache plugins. The path changes made by the plugin occur in the background without even loading on the frontend. This means that your website’s visitors will not experience any delays or disruptions caused by the path changes.
To further optimize your website’s loading speed, Hide My WP Ghost offers a range of built-in tweaks. These tweaks can be activated in the plugin’s settings under Hide My WP > Tweaks > Hide Options. By enabling these tweaks, you can enhance the speed and performance of your website even more.
Don’t let the misconception about Hide My WP Ghost’s impact on website loading speed discourage you from utilizing this valuable security plugin. The changes made by the plugin occur swiftly, with an average time of just 0.05 seconds. Furthermore, when used in conjunction with a cache plugin, the path changes are executed in the background, ensuring a seamless browsing experience for your visitors.
By taking advantage of the optimization tweaks available in Hide My WP Ghost, you can further boost your website’s loading speed and provide a fast, secure, and enjoyable browsing experience for your users.
Remember, prioritizing website security doesn’t mean compromising on performance. With Hide My WP Ghost, you can have both. So go ahead, fortify your website’s defenses and enjoy the peace of mind knowing that your website is secure without sacrificing loading speed.
We’re excited to announce the addition of a brand new feature to enhance user experience on your website—the language switcher available right on the login screen. This latest update is particularly useful for those who have enabled multiple languages in their website settings or utilize a multilingual plugin.
You can learn more about this here.
Now, your users will have the option to select their preferred language directly on the login screen. This means that right from the moment they access your website, they can choose the language in which they wish to interact with the login interface.
To take advantage of this feature, simply navigate to the Settings > General section of your website or consult your multilingual plugin’s documentation for instructions. There, you can activate the desired languages and enable the language switcher functionality.
For more detailed information on how to set up and customize the language switcher, we recommend visiting our comprehensive guide. It provides step-by-step instructions along with useful tips and tricks to make the most out of this exciting new feature.
However, we understand that not all website owners may require this functionality for their specific site(s). If you prefer to hide the language switcher option on your login page, we’ve got you covered too! Our user-friendly Hide My WP Ghost plugin offers a quick and simple solution.
To hide the Language Switcher, follow these straightforward steps:
Once you’ve completed these steps, the Language Switcher will no longer be visible on your login screen, ensuring a more streamlined and tailored experience for your users.
We believe that providing a seamless and personalized user experience is paramount for any successful website. With the new language switcher feature and the flexibility offered by Hide My WP Ghost, you can cater to the unique needs and preferences of your diverse user base.
Remember, it’s all about enhancing user satisfaction and making their interactions with your website as smooth and enjoyable as possible. So go ahead and explore these exciting new possibilities for your website’s login screen today!
Are you having trouble accessing the login path of your WordPress site through the traditional wp-admin path? If so, it may be because your site is secured by the Hide My WP Ghost plugin.
This plugin provides an extra layer of security to your site by hiding the wp-admin path and redirecting users to a custom login path.
However, if you still want to use the old wp-admin path, you can easily switch off the option in the plugin’s settings.
Simply go to Hide My WP > Change Paths > Admin Security and turn off the option to “Hide wp-admin.” Once you’ve done this, you should be able to access the backend of your site as usual.
It’s important to remember that while the wp-admin path is the most commonly used path for accessing the backend of a WordPress site, it’s also one of the most commonly targeted paths for malicious attacks. By using the Hide My WP Ghost plugin to secure your site, you can help to protect yourself against these attacks and keep your site safe.
To disable XML-RPC using Hide My WP Ghost, follow these steps:
Note: Disabling XML-RPC may prevent some functionality on your WordPress site, such as the ability to use certain apps or plugins that rely on XML-RPC. Before disabling XML-RPC, make sure that you are not using any functionality on your site that requires it.
If you want to disable XML-RPC but still allow certain IP addresses to access it, you can use Hide My WP Ghost to do so. Simply add the IP addresses you want to allow in the plugin’s settings under the Change Paths > Whitelist IPs section. This will enable those IPs to access the XML-RPC option, while still disabling it for all other IPs.
Are you looking to add an extra layer of protection to your WordPress site? Look no further than Hide My WP Ghost.
This highly customizable plugin makes it easy to upgrade your site’s security in just minutes.
It’s compatible with other popular security solutions and provides an extra layer of security that others don’t offer for specific WordPress-related vulnerabilities.
With one click, users can pick from 3 pre-built security levels and automatically configure the plugin to achieve their desired level of protection.
Hide My WP Ghost helps protect your site against common attacks such as script and SQL injection and brute force by camouflaging vulnerabilities without physically changing any files or directories.
It works like an invisibility cloak, hiding your WordPress site from attackers.
The plugin also includes a security check feature that scans your entire site to indicate its current security level and uncover urgent threats that leave your site exposed to different types of attacks.
In addition to its camouflage and security check features, Hide My WP Ghost also provides custom security options, including custom login and logout redirects based on user roles, URL mapping to create friendly URLs for your site, and brute force protection to prevent repeated login attempts from the same IP address.
With over 200,000 secured WordPress sites and 4,000,000 brute force attempts blocked, Hide My WP Ghost is a reliable choice for enhancing your site’s security.
Yes, the plugin works with WP Umbrella but their connection is still made through the login page.
You can setup a custom login path using Hide My WP but you need to set the following option:
2. Set the same REST API path on Hide My WP and WP Umbrella settings
3. Confirm the new paths and clear the cache on your website.
By default, Hide My WP > Mapping > Text Mapping is changing the classes and IDs in CSS & Scripts.
2. To change the METAs in admin dashboard too, you need to add this line in wp-config.php
define(‘HMW_ALWAYS_CHANGE_PATHS’, true);
as guided in this article:
https://hidemywpghost.com/faqs/how-can-i-change-the-wp-paths-in-admin-dashboard/
3. In Hide My WP > Mapping > Text Mapping you can now add the text you want to change/hide from METAs. If you use {blank} param, the text will be replaced with blank.
Yes, we’ve tested both plugins and this is our experience with Elementor PRO and Custom Icons.
When we tested only Elementor plugin and tried to add icons from Fontello and IcoMoon we got blank icons.
The only icons that were uploaded correctly are from Fontastic website https://fontastic.me/.
Here is the icons package that worked on our test:
https://hidemywpghost.com/images/fontastic_fonts.zip
We could upload the icons without any issue with all HMWP Ghost options activated.
We also included the custom icons on a page using Elementor
By default, Hide My WP Ghost changes the paths only in frontend.
We don’t recommend this but if you want to change the path also in the admin dashboard, add this line in wp-config.php file
define('HMW_ALWAYS_CHANGE_PATHS', true);
Save the settings in Hide My WP Ghost and the WordPress paths will be changed in admin backend area.
By default, Hide My WP Ghost adds the rewrite rules in 2 places in .htaccess to avoid errors when other plugins are deleting the rules from .htaccess.
If you want to have the Hide My WP Ghost rewrite rules only inside the #BEGIN HMWP_RULES … #END HMWP_RULES add this line in the wp-config.php file.
define( 'HMW_RULES_IN_WP_RULES', false );
Save the settings in Hide My WP > Change Paths and the plugin will remove the rewrite rules from WordPress definition #BEGIN WordPress …. #END WordPress
You can set from Hide My WP > Change Paths > WP Core Security > Hide WordPress Common Paths the extension files you want to hide on the old paths.
By default, the images are not included as it may affect the indexed Google images.
After you change the paths, it will take a while for Google and other search engines to index the new images URL.
If you still want to hide the old images, add this line in wp-config.php file
define('HMW_HIDE_OLD_IMAGES', true);
and you will see the images option in the Hide File Extentions list:
Select the Images and save the settings.
It is important not to have the same image on two different URLs on a website to avoid duplicate content issues and to maintain good search engine optimization (SEO) practices. When search engines like Google detect duplicate content, it can negatively impact the website’s visibility and rankings in search results.
For Apache/Litespeed, locate the .htaccess file in the root directory of your website and add the following code at the beginning of the file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} /wp-content/uploads/[^\.]+(\.jpg|\.png|\.jpeg|\.webp|\.gif) [NC]
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-content/uploads/(.*)$ /storage/$2 [L,R=301]
</IfModule>For Nginx servers add this code before the Hide My WP Ghost include line in the Nginx config file:
if ($request_uri ~* ^/wp-content/uploads/[^\.]+(\.jpg|\.png|\.jpeg|\.webp|\.gif)){
rewrite ^/wp-content/uploads/(.*)$ /storage/$1 redirect;
}This code utilizes mod_rewrite, a module that allows URL rewriting. It checks if the request is for an image file within the /wp-content/uploads/ directory and redirects it to the corresponding file in the /storage/ directory.
By implementing this solution, any requests for images in the old /wp-content/uploads/ directory will be redirected to the new /storage/ directory, preventing duplicate URLs for the same image.
By default, when you set Hide My WP Ghost plugin in Ghost Mode, you can login only with the new login path.
To activate the option to access the new admin path and to be redirected to the new login path, do this:
Switch OFF the option Hide My WP > Change Paths > Admin Security > Hide the New Admin Path
Once you switch off the option and save the settings, when you access the new admin path, it will redirect to the new login path.