WP Ghost with SiteGround Security – Compatible Features and Configuration

WP Ghost (formerly Hide My WP Ghost) and SiteGround Security are fully compatible and complement each other. SiteGround Security focuses on login protection, activity logging, and post-attack detection. WP Ghost focuses on hack prevention by changing paths, blocking bots with firewall rules, and adding security headers. Together they provide two different security layers.

How They Work Together

Both plugins address WordPress security from different angles. SiteGround Security provides login path customization, brute force attempt limits, IP blocking, 2FA, and activity monitoring. WP Ghost provides path security (hiding wp-content, plugins, themes, uploads, includes), firewall rules (7G/8G), security headers, reCAPTCHA, and source code fingerprint removal. The overlap is minimal — both can change the login path and limit login attempts, but WP Ghost’s path security and SiteGround’s activity monitoring are unique to each plugin.

What to Activate in Each Plugin

When using both plugins, let each handle what it does best. Avoid enabling the same feature in both to prevent conflicts.

Use WP Ghost for:

All path changes (wp-content, wp-includes, uploads, plugins, themes, comments, REST API, author), hide old paths, hide common files (readme.html, license.txt), firewall (7G/8G), security headers (HSTS, CSP, X-Frame-Options), script injection protection, URL mapping, text mapping, CDN URL mapping, change paths in Ajax/feeds/sitemaps/cache files, disable right-click/inspect, weekly security monitoring.

Use SiteGround Security for:

Activity logging, 2FA (if you prefer SiteGround’s implementation), post-hack file scanning, and any SiteGround-specific hosting integrations.

Choose one plugin for shared features:

Both plugins can change the login path, limit login attempts, ban/whitelist IPs, and disable XML-RPC. Enable these in one plugin only to avoid conflicts. WP Ghost is recommended for login path changes (it also changes lost password, register, logout, and activation paths that SiteGround does not cover).

Feature Comparison

Frequently Asked Questions

Will the two plugins conflict?

Not if you avoid enabling the same feature in both. The shared features (login path, login limits, IP blocking, XML-RPC) should be active in one plugin only. All path security features are unique to WP Ghost and will not conflict.

Do I need SiteGround Security if I use WP Ghost?

WP Ghost covers more security features overall. SiteGround Security adds value through its SiteGround hosting integration and post-attack file scanning. If you are on SiteGround hosting, using both gives the most comprehensive coverage.

Does this work on non-SiteGround hosting?

SiteGround Security works on any WordPress host, not just SiteGround. However, some of its features are SiteGround-specific. WP Ghost works on all hosting providers.

Does WP Ghost modify WordPress core files?

No. WP Ghost uses rewrite rules and WordPress hooks. No core files modified. Deactivating restores all defaults.

Related Tutorials

Customize All WordPress Paths – configure WP Ghost’s unique path security features.

Brute Force Protection – add reCAPTCHA and login limits.

Header Security – enable HSTS, CSP, and other headers.

Compatibility Plugins List – all tested security plugins.

Website Security Check – verify your combined configuration.