Easy to use. Secure. Affordable. Fast.
Yearly
Lifetime
If you purchase a yearly plan, you get access to all security updates, features, and fast replies to support requests for 1 year.
You can cancel the yearly plan anytime without affecting your website security.
After the subscription expires, you can still use the plugin without future support and compatibility updates.
You can use the free version of the plugin on any number of websites, whether or not they are owned by you.
The Ghost version can be installed on a limited number of websites, and you can transfer your license if you change your website.
This license is limited to the number of websites you use it on.
This means that you have to activate the product with a license for each website you want to use a product on.
For WordPress Multisite, the license is for the entire network.
Of course! Just deactivate the plugin from the previous domain, and activate it on the new one.
You can manage it in your account via Manage License.
We offer a full refund for the first 30 days after purchase, based on our Refund Policy.
The Hide My WP Ghost Lite version offers the basic security options for your website, while the plugin offers you a powerful security level to prevent most of the WordPress attacks made by both humans and bots. More details
You can use PayPal or any credit card to buy the plugin.
We use the Paddle gateway, which supports over 45 payment methods
You can save all the settings from the Free version and restore them after you activate the premium version.
For NGINX servers, you will need to do manual setup through SSH or SFTP to add the rewrite file into nginx.conf and reload the service.
Read the NGINX step-by-step tutorial here:
https://hidemywpghost.com/how-to-setup-hide-my-wp-on-nginx-server/
Note! Contact your host first and ask him if he can help you with it.
The plugin works on almost any WordPress server, but there are a few servers you can’t use Hide My WP Ghost with:
1. WordPress.com Business – doesn’t support a different login path and uses a shared NGINX hosting without the possibility to configure the rewrite rules.
2. Shared NGINX Hosting who doesn’t have the SSH option and refuses to add the Hide My WordPress Ghost config file and reload the NGINX settings.
Yes, you do!
Access the Knowledge Base for more answers or contact us.
14 Aug 2024
Compatible WP 6.6.x & PHP 8.3
Youtube Channel
Tutorials & FAQs
There are more and more plugins available that can hide common paths. To ensure the best results, you should consider using the fastest option available.
A slow website can put your website’s SEO and security at risk. For this reason, it is best to use Hide My WP Ghost for increased protection without compromising on speed.
= 8.0.13 = Update - Added the option to disable Copy & Paste separately Fixed - PHP Error on HMWP_Models_Files due to the not found class Fixed - Layout, Typos, Small Bugs = 8.0.12 = Update - Compatibility with Wordfence = 8.0.11 = Update - Plugin security and compatibility with WP 6.6.1 & PHP 8.3 Update - Adding wp-admin path extensions into firewall when user is not logged in = 8.0.10 = Fixed - Google reCaptcha on frontend popup to load google header if not already loaded Fixed - Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect Fixed - WP Multisite active plugins check to ignore inactive plugins Fixed - Small bugs = 8.0.09 = Update - Add security preset loading options in Hide My WP > Restore Fixed - Library integrity on the update process Fixed - Cookie domain on WP multisite to redirect to new login path when changing sites from the network Fixed - Brute Force shortcode to work with different login forms = 8.0.07 = Fixed - Compatibility with WP 6.6 Fixed - Security update on wp-login.php and login.php = 8.0.06 = Update - Compatibility with WordPress 6.5.5 Update - Added the option to immediately block a wrong username in Brute Force Update - Sub-option layouts Fixed - File Permission check to receive the correct permissions when is set stronger than required Fixed - Hide login.php URL when hide default login path Fixed - Small bugs = 8.0.05 = Update - Added more path in Frontend Test to make sure the settings are okay before confirmation Fixed - Compatibility with Wordfence to not remove the rules from htaccess Fixed - Filter words in 8G Firewall that might be used in article slugs Fixed - Trim error in cookie when main domain cookie is set Fixed - Login header hooks to not remove custom login themes = 8.0.03 = Fixed - isPluginActive check error when is_plugin_active is not yet declared Fixed - Disable clicks and keys to work without jQuery Fixed - Compatibility with Wordfence scan process = 8.0.02 = Fixed - Show error messages in Temporary login when a user already exists Fixed - Temporary users to work on WP Multisite > Subsites = 8.0.01 = Fixed - Login security when Elementor login form is created and Brute Force is active Fixed - Login access when member plugins are used for login process Fixed - Firewall warning on preg_match bot check in firewall.php = 8.0.00 = Update - Added Country Blocking & Geo Security feature Update - Added Firewall blacklist by User Agent Update - Added Firewall blacklist by Referrer Update - Added Firewall blacklist by Hostname Update - Added 'Send magic link login' option in All Users user row actions on Hide My WP Advanced Pack plugin Update - Added the option to select the level of access for an IP address in whitelist Removed - Mysql database permission check as WordPress 6.5 handles DB permissions more secure Moved - Firewall section was moved to the main menu as includes more subsections Fixed - 8G Firewall compatibility with all page builder plugins = 7.3.05 = Update - Compatibility with WPEngine rules on wp-admin and wp-login.php Update - New Feature added "Magic Login URL" on Hide My WP Advanced Pack plugin Update - Search option in Hide My WP > Overview > Features Update - Send Temporary Logins in Events log Fixed - Prevent firewall to record all triggered filters as fail attempts Fixed - Remove filter on robots when 8G firewall is active Fixed - Frontend Login Check popup to prevent any redirect to admin panel in popup test Fixed - Prevent redirect the wp-admin to new login when wp-admin path is hidden Fixed - Don't show Temporary Logins & 2FA in main menu when deactivated = 7.3.03 = Update - 8G Firewall on User Agents filters Update - Compatibility with WP 6.5.3 Update - Load the options when white label plugin is installed Fix - Restore settings error on applying the paths Fix - Prevent redirect the wp-admin to new login when wp-admin path is hidden = 7.3.01 = Update - Added translation in more languages like Arabic, Spanish, Finnish, French, Italian, Japanese, Dutch, Portuguese, Russian, Chinese Fix - 'wp_redirect' when function is not yet declared in brute force Fix - 'wp_get_current_user' error in events log when function is not yet declared = 7.3.00 = Update - Added the option to detect and fix all WP files and folders permissions in Security Check Update - Added the option to fix wp_ database prefix in Security Check Update - Added the option to fix admin username in Security Check Update - Added the option to fix salt security keys in Security Check Update - Layout and Fonts to integrate more with WordPress fonts Update - 7G & 8G firewall compatibility to work with more WP plugins and themes Fix - "wp_get_current_user" error in events log when function is not yet declared = 7.2.07 = Update - Added the option on Apache to insert the firewall rules into .htaccess Fixed - Screen 120dpi display layout Fixed - Hide reCaptcha secret key in Settings = 7.2.06 = Update - Added the 8G Firewall filter Update - Added the option to block the theme detectors Update - Added the option to block theme detectors crawlers by IP & agent Update - Added compatibility with Local by Flywheel Update - Firewall loads during WP load process to work on all server types Fixed - Load most firewall filters only in frontend to avoid compatibility issues with analytics plugins in admin dashboard Fixed - Avoid loading recaptcha on Password reset link Fixed - Avoid blocking ajax calls on non-admin users when the Hide wp-admin from non-admin users is activated = 7.2.05 = Update - Added the option ot manage/cancel the plan on Hide My WP Cloud Fixed - Custom login path issues on Nginx servers Fixed - Issues when the rules are not added correctly in config file and need to be handled by HMWP Fixed - Don't change the admin path when ajax path is not changed to avoid ajax errors = 7.2.04 = Compatibility with WP 6.5 Update - Compatibility with CloudPanel & Nginx servers Fixed - Warning in Nginx for $cond variable = 7.2.03 (14 Feb 2024) = Compatibility with PHP 8.3 & WP 6.4.3 Update - Compatibility with Hostinger Update - Compatibility with InstaWP Update - Compatibility with Solid Security Plugin (ex iThemes Security) Update - Added the option to block the API call by rest_route param Update - Added new detectors in the option to block the Theme Detectors Update - Security Check for valid WP paths Fixed - Don't load shortcode recapcha for logged users Fixed - Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers Fixed - Issue on change paths when WP Multisite with Subcategories Fixed - Hide rest_route param when Rest API directory is changed Fixed - Multilanguage support plugins Fixed - Small bugs & typos = 7.2.02 (10 Jan 2024) = * Update - Add shortcode on BruteForce "hmwp_bruteforce" for any login form * Update - Add security schema on ssl websites when changing relative to absolute paths * Update - Compatibility with WP 6.4.2 & PHP 8.3 * Fixed - Change the paths in cache files when WP Multisite with Subdirectories * Fixed - Small bugs in rewrite rules = 7.2.01 (20 Dec 2023) = * Update - Compatibility with WP 6.4.1 & PHP 8.3 * Update - The Frontend Check to check the valid changed paths * Update - The Security Check to check the plugins updated faster and work without error with Woocommerce update process * Update - Compatibility with Solid Security Plugin (ex iThemes Security) * Update - Hidden wp-admin and wp-login.php on file error due to config issue * Update - Hide rest_route param when Rest API directory is changed * Update - Add emulation for Drupal 10 and Joomla 5 * Fixed - Hide error when there are invalid characters in theme/plugins directory name * Fixed - Small bugs = 7.2.00 (20 Nov 2023) = * Update - Compatibility with WP 6.3.2 * Update - Added the 2FA feature with both Code Scan and Email Code * Update - Added the option to add random number for static files to avoid caching when users are logged to the website * Fixed - Added the option to pass the 2FA and Brute Force protection when using the Safe URL * Fixed - Tweaks redirect for default path wasn't saved correctly * Fixed - Small Bugs = 7.1.17 (18 Oct 2023) = * Fixed - File extension blocked on wp-includes when WP Common Paths are activated * Fixed - Remove hidemywp from file download when the new paths are saved = 7.1.16 (20 Sept 2023) = * Update - Compatibility with WP 6.3.1 * Update - Compatibility with WPML plugin * Update - Security on Brute Force for the login page * Fixed - Small Bugs = 7.1.15 (16 Aug 2023) = * Update - Compatibility with WP 6.3 * Update - Security Check Report for debugging option when debug display is set to off * Update - Security Check Report for the URLs and files to follow the redirect and check if 404 error = 7.1.13 (25 July 2023) = * Update - Compatibility with more 2FA plugins * Update - Compatibility with ReallySimpleSSL = 7.1.12 (29 June 2023) = * Update - Compatibility with more 2FA plugins = 7.1.11 (23 June 20213) = * Update - Json Response using WP functions * Update - Check the website logo on Frontend Check with custom paths * Fixed - Loading icon on settings backup * Fixed - Small bugs = 7.1.10 (5 June 2023) = * Update - Compatibility with WP 6.2.2 * Fixed - Update checker to work with the latest WordPress version * Fixed - Hide wp-login.php path for WP Engine server with PHP > 7.0 = 7.1.08 (26 May 2023) = * Update - Added the user role "Other" for unknown user roles * Update - Sync the new login with the Cloud to keep a record of the new login path and safe URL = 7.1.07 (19 May 2023) = * Update - Compatibility with WPEngine hosting * Update - Compatibility with WP 6.2.1 * Fixed - Loading on defaut ajax and json paths when the paths are customized * Fixed - Compatibility issues with Siteground when Ewww plugin is active * Fixed - To chnage the Sitegroud cache on Multisite in the background = 7.1.06 (16 May 2023) = * Update - Compatibility with Siteground * Update - Compatibility with Avada when cache plguins are enabled = 7.1.05 (05 May 2023) = * Update - Add compatibility for Cloud Panel servers * Update - Add the option to select the server type if it's not detected by the server * Fixed - Remove the rewrites from WordPress section when the plugin is deactivated * Fixed - User roles names display on Tweaks = 7.1.04 (03 May 2023) = * Update - File processing when the rules are not set correctly * Update - Security headers default values * Fixed - Compatibilities with the last versions of other plugins * Fixed - Reduce resource usage on 404 pages from version 7.1.03 = 7.1.02 (24 Apr 2023) = * Update - Compatibility with other plugins * Update - UI & UX to guide the user into the recommended settings * Update - Compatibility with WP User Manager plugin * Update - Security in Brute force option to work with more plugins * Update - Compatibility with Ewww Image Optimizer plugin CDN option * Fixed - Increased plugins speed on compatibility check * Fixed - Common paths extensions check in settings = 7.0.15 (30 Mar 2023) = * Update - Add the option to check the frontend and prevent broken layouts on settings save * Fixed - My account link on multisite option = 7.0.14 (23 Mar 2023) = * Update - Compatibility with WP 6.2 * Update - Added the option to whitelist URLs * Update - Added the sub-option to show a white-screen on Inspect Element for desktop * Update - Added the options to hook the whitelisted/blacklisted IPs * Fixed - small bugs / typos / UI = 7.0.12 (20 Feb 2023) = * Compatibile with WP 6.2 * Fixed - Handle the physical custom paths for wp-content and uploads set by the site owner * Fixed - Compatibility with more plugins and themes = 7.0.11 (26 Ian 2023) = * Update - Remove the atom+xml meta from header * Update - Save all section on backup restore = 7.0.10 (19 Dec 2022) = * Update - Remove the noredirect param if the redirect is fixed * Update - Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified * Update - Check the rewrite rules on WordPress Automatic updates too * Fixed - To remove the version from URL even if the 'ver' param doesn't have any value * Fixed - Typo in Security Check = 7.0.05 (22 Nov 2022) = * Update - Fix login path on different backend URL from home URL = 7.0.04 (25 Oct 2022) = * Update - Compatibility with WP 6.1 * Update - Add More security to XML RPC * Update - Add GeoIP flag in Events log to see the IP country * Update - Compatibility with LiteSpeed servers and last version of WordPress = 7.0.03 (20 Oct 2022) = * Update - Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs * Fixed - Allow self access to hidden paths to avoid cron errors on backup/migration plugins * Fixed - White screen on iphone > safari when disable inspect element option is on = 7.0.02 (28 Sept 2022) = * Update - Add the Brute Force protection on Register Form to prevent account spam * Update - Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins * Update - Compatibility with LiteSpeed servers and last version of WordPress * Update - Compatibility with FlyingPress by adding the hook for fp_file_path on critical CSS remove process * Fixed - Remove the get_site_icon_url hook to avoid any issue on the login page with other themes * Fixed - Compatibility with ShortPixel webp extention when Feed Security is enabled * Fixed - Fixed the ltrim of null error on PHP 8.1 for site_url() path * Fixed - Disable Inspect Element on Mac for S + MAC combination and listen on Inspect Element window = 7.0.01 (12 Sept 2022)= * Update - Added Temporary Login feature * Fixed - Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo * Update - Compatibility with Nicepage Builder plugin * Update - Compatibility with WP 6.0.2 = 6.0.24 (29 July 2022)= * Update - Add Custom Emulator in the website header * Update - Add Joomla 4 CMS emulator = 6.0.23 (25 July 2022)= * Update - Compatibility with the last version of Flywheel including Redirects * Fix - Don't show brute force math error for pages where the Brute Force is not loaded * Fix - Compatibility with Breakdance plugin * Fix - Fixed the ltrim of null error on PHP 8.1 for site_url() path = 6.0.22 (28 June 2022)= * Fix - URL Mapping for Nginx servers to prevent 404 pages * Fix - PHP error in Security Check when the X-Powered-By header is not string * Fix - Compatibility with Wp-Rocket last version * Fix - infinite loop in admin panel = 6.0.20 (03 June 2022)= * Update - Compatibility with Coming Soon & Maintenance Mode PRO * Update - New feature added to automatically redirect the logged users to the admin dashboard * Fixed the hidden URLs process * Fixed the site_url() and home_url() issue when they are different * Add compatibility with WordPress 6.0 = 6.0.19 (19 May 2022)= * Update - Add compatibility with Elementor Builder plugin for WP Multisite * Update - Tested/Update Compatibilities with more themes and plugins = 6.0.18 (03 May 2022)= * Add compatibility with LiteSpeed webp images * Update - Update Compatibilities * Fix - Small Bugs = 6.0.16 (22 Mar 2022)= * Update - Added compatibility with Backup Guard Plugin * Update - Prevent affecting the cron processes on Wordfence & changing the paths during the cron process * Update - Change the WP-Rocket cache files on all subsites for WP Multisite * Update - Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain * Fixed the Change Paths for Logged Users issue = 6.0.15 (21 Feb 2022)= * Update - Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection * Update - Fixed the menu hidden issue when other security plugins are active * Update - Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated * Update - Compatibility with Buy Me A Cofee plugin * Fixed - Library loading ID in HMWP Ghost = 6.0.14 (07 Feb 2022)= * Update - Security & Compatibility * Update - Compatibility with Namecheap hosting * Update - Compatibility with Ploi.io * Fixed - Removed the ignore option from Nginx notification * Fixed - The Security check on install.php and upgrade.php files * Fixed - The Restore to default to remove the rules from the config file = 6.0.13 (26 Ian 2022)= * Update - Added new option in Login Security: Hide the language switcher option on the login page * Update - Compatibility with WordPress 5.9 * Update - Compatibility with Coming Soon & Maintenance Mode PRO * Update - Compatibility with WPS Hide Login * Fix - Popup issue when Safe Mode or Ghost Mode is selected and other plugins are modifying the bootstrap javascript * Fix - 404 error on WordPress upgrade when access the file upgrade.php for logged users * Fix - Brute Force blocking Wordfence Cron Job = 6.0.12 (10 Ian 2022)= * Update - Compatibility with Smush plugin * Update - Compatibility with WordPress 5.8.3 * Update - Compatibility with Wordfence 2FA when reCaptcha is active * Fix - Infinit loop when POST action on unknown paths = 6.0.11 (08 Dec 2021)= * Update - Added the Ctrl + Shift + C restriction when Inspect Element option is active * Update - Added the features text for translation * Update - Removed the WordPress title tag from login/register pages * Update - Added the option to ignore the notifications and avoid repeating alerts * Fix - Remove the login URL from the logo on the custom login page * Fix - Set Filesystem to direct connection for file management = 6.0.10 (20 Nov 2021)= * Update - Added Permissions-Policy & Referrer-Policy default security headers * Update - Added the option to disable Right-Click for logged users and user roles * Update - Added the option to disable Inspect Element for logged users and user roles * Update - Added the option to disable View Source for logged users and user roles * Update - Added the option to disable Copy/Paste for logged users and user roles * Update - Added the option to disable Drag/Drop for logged users and user roles * Fix - Whitelist and Blacklist error messages in Brute Force when no IP was added * Fix - Typos in HMWP Ghost plugin = 6.0.09 (08 Nov 2021)= * Fix - Remove Sitemap style from Yoast, Rank Math, XML Sitemap on Nginx servers when the option Change Paths in Sitemaps XML is active * Update - Compatibility with Wordfence Security Scan when the wp-admin is hidden * Update - Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin * Update - Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin * Update - Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers = 6.0.08 (22 Oct 2021)= * Update - Compatibility with Nitropack * Update - Compatibility with OptimizePress Dashboard * Update - Change the Plugin Name on update check success message * Update - Compatibility with Bricks Builder * Update - Compatibility with Zion Builder * Fix - Compact the frontend scripts for removing right click and keys * Fix - Add links to the Change Paths page from Security Check = 6.0.07 (18 Oct 2021)= * Update - Select the WordPress common files you want to hide * Update - Add the option to block comments that may lead to spam * Update - Removed Plugins Section from Settings * Update - Removed any affiliate links from the plugin * Update - Compatibility with MainWP * Update - Compatibility with Limit Login Attempts Reloaded * Update - Compatibility with Loginizer * Update - Compatibility with Shield Security * Update - Compatibility with iThemes Security * Fix - Login & Logout redirects for Woocommerce * Fix - Don't show the rewrite alert messages if nothing was changed in HMWP = 6.0.06 (14 Oct 2021)= * Update - Update the White Label options to remove plugin name, and author while the plugin is active * Fix - Added handle when the plugin is not installed correctly * Fix - Avoid changing the cache in the paths like plugins and themes and broke the website = 6.0.05 (6 Oct 2021)= * Update - Add the option to hide the wp-admin path for non-admin users * Update - Advanced Text Mapping to work with Page Builders in admin * Update - Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins * Update - Translate the plugin in more languages * Update - Select the cache directory if there is a custom cache directory set in the cache plugin * Update - Show the change in cache files option for more cache plugins * Fixed - Showing the old paths on unfound files * Fixed - Not load the Click Disable while editing with Page Builders = 6.0.04 (1 Oct 2021)= * Update - Use WordPress filesystem for all file actions * Fixed - Rewrite built on custom register and lostpassword path * Fixed - wp_ previx detection in Website Security Check * Fixed - plugin typos & translations = 6.0.03 (28 Sept 2021)= * Update - Added compatibility with JCH Optimize 3 plugin * Update - Added compatibility with Oxygen 3.8 plugin * Update - Added compatibility with WP Bakery plugin * Update - Added compatibility with Bunny CDN plugin * Update - Update compatibility with Manage WP plugin * Update - Update compatibility with Autoptimize plugin * Update - Update compatibility with Breeze plugin * Update - Update compatibility with Cache Enabler plugin * Update - Update compatibility with CDN Enabler plugin * Update - Update compatibility with Comet Cache plugin * Update - Update compatibility with Hummingbird plugin * Update - Update compatibility with Hyper Cache plugin * Update - Update compatibility with Litespeed Cache plugin * Update - Update compatibility with Power Cache plugin * Update - Update compatibility with W3 Total Cache plugin * Update - Update compatibility with WP Fastest Cache plugin * Update - Update compatibility with iThemes plugin * Update - Added compatibility with Hummingbird Performance plugin * Fix - Small Bugs = 6.0.00 (13 Sept 2021)= * Update - A new UI for Hide My WP Ghost * Update - Compatibility with more plugins and themes * Update - Added new Features: Disable Right Clicks, Copy-Paste, Drag-Drop, View-Source * Feature Update: Select User Role for Hide Admin Toolbar option * Feature Update: Get Events User report from Cloud directly in the plugin * Feature Update: Select Quick Text Mapping from WP Common Classes
Copyright © WPPlugins
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |