Yes, you can still benefit from using Hide My WP Ghost, even if you already have server side protection.
Server side protection is a great for stopping stop all sorts of DDOS and similar attacks.
Now, on the application side (WordPress) – its information is exposed.
People can easily find out you are using WordPress as your CMS (Content Management System) and start to poke the common point of XSS entries, such as RSD, WP-JSON, and similar entry points.
They will also predict which vulnerable plugin paths you have, so they can try cross scripting on those plugins.
So you should use Hide My WP Ghost to completely block out those easy to guess information (together with brute force and limit login attempts).
This way, your WP application side is protected without having the bloat on it.
And gain peace of mind knowing both Server and Application are well protected.
Your best security stack:
- Server Side: Protected and Hardened with Malware detection, etc.
- Application side (WP): use Hide My WP Ghost to complete the story.