Does WP Ghost Work With WP Umbrella?

Q: Does WP Ghost work with WP Umbrella?

Yes. Keep the /login path accessible in WP Ghost (Hide login switched OFF) and set the same REST API path in both WP Ghost and WP Umbrella settings. Clear cache after saving.

Q: Can I still hide wp-login.php while using WP Umbrella?

Yes. You can hide /wp-login.php and set a custom login URL. Just keep the /login redirect path accessible. WP Umbrella uses /login, not /wp-login.php directly.

Q: Does WP Umbrella need XML-RPC enabled?

No. WP Umbrella uses the REST API, not XML-RPC. You can safely disable XML-RPC in WP Ghost without affecting WP Umbrella.

Q: Will WP Ghost's firewall block WP Umbrella?

Not by default. The firewall targets malicious patterns, not legitimate API traffic. If needed, whitelist WP Umbrella's IP addresses in WP Ghost > Firewall > Whitelist.

Q: Does WP Ghost modify WordPress core files?

No. WP Ghost uses rewrite rules and WordPress filters. Deactivating restores all original paths, including default WP Umbrella connection paths.

Moved

This tutorial has moved to the new WP Ghost Knowledge Base where each feature is presented in detail.

View on new site

Yes, WP Ghost works with WP Umbrella. WP Umbrella connects to your site through the login page and the REST API, so you need to make sure both paths are accessible to WP Umbrella after changing them in WP Ghost. Two settings require attention: the login path visibility and the REST API path sync.

How to Configure WP Ghost for WP Umbrella

WP Umbrella manages your WordPress sites remotely through the login page and the REST API. When WP Ghost changes these paths for security, WP Umbrella needs to know the new URLs. Here is how to set it up correctly.

Step 1: Keep the /login path accessible. WP Umbrella’s connection process uses the /login path to authenticate with your site. If you hide this path in WP Ghost, WP Umbrella cannot connect. Go to WP Ghost > Change Paths > Login Security and make sure the Hide “login” option is switched OFF. You can still change and hide /wp-login.php from bots. Just leave the /login redirect path accessible so WP Umbrella can reach it.

Step 2: Match the REST API path in both plugins. If you changed the REST API path in WP Ghost (for example, from the default /wp-json/ to something custom), you need to enter the same custom path in WP Umbrella’s settings. In WP Ghost, check the path at WP Ghost > Change Paths > API Security. Then go to your WP Umbrella dashboard at app.wp-umbrella.com > Sites > Settings and enter the same REST API path. If the paths do not match, WP Umbrella cannot communicate with your site’s API.

Step 3: Clear your cache. After confirming the paths, clear all cache layers on your site (caching plugin, server cache, CDN). This ensures the new path configuration is fully applied and WP Umbrella’s requests reach the correct endpoints.

Troubleshooting

If WP Umbrella still cannot connect after following the steps above, check these additional settings. Make sure Disable REST API Access is switched off in WP Ghost > Change Paths > API Security, otherwise the REST API is blocked for all external requests. Also check that the security headers in WP Ghost > Firewall > Header Security are not blocking WP Umbrella’s requests. If you are unsure which setting is causing the issue, try reverting the REST API path to the default wp-json temporarily and testing the connection. If it works with the default path, the issue is the path mismatch between WP Ghost and WP Umbrella.

For general guidance on resolving third-party app connection issues with WP Ghost, see the Change REST API Path tutorial.

Frequently Asked Questions

Can I still hide wp-login.php while using WP Umbrella?

Yes. You can hide the /wp-login.php path and set a custom login URL. Just keep the /login redirect path accessible (Hide “login” switched OFF). WP Umbrella uses the /login path, not /wp-login.php directly, so hiding wp-login.php does not affect its connection.

Does WP Umbrella need XML-RPC enabled?

No. WP Umbrella uses the REST API for communication, not XML-RPC. You can safely disable XML-RPC in WP Ghost without affecting WP Umbrella. See the Disable XML-RPC tutorial for details.

Will WP Ghost’s firewall block WP Umbrella?

Not by default. The 7G/8G firewall rules target malicious request patterns, not legitimate API traffic. If you experience issues, check whether you have IP-based restrictions or overly strict security headers enabled. You can whitelist WP Umbrella’s IP addresses in WP Ghost > Firewall > Whitelist if needed.

Does WP Ghost modify WordPress core files?

No. WP Ghost uses rewrite rules and WordPress filters. No core files are modified. Deactivating WP Ghost restores all original paths instantly, which also restores the default connection paths for WP Umbrella.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.