Hide My WP Ghost

1 Year Plugin Updates, 1 Year Events Log & Alerts, 1 Year Premium Support, Premium Security Features, WP Multisite Support, Compatibility Upgrades

secure payment

Unlock the full power of Hide My WP Ghost:

  • Brute Force Attacks
  • SQL Injection Attacks
  • Script Injection Attacks
  • Cross-Site Scripting (XSS)
  • XML-RPC Attacks
  • Throttling of Access Attempts to Entry Points
  • Known WordPress CMS Attacks
  • and more
Yearly Price:
$ loading...
Tax: $ loading...

Total: $ loading...

Awesome Security Features

  1. Custom wp-admin URL & wp-login Paths
  2. Hide wp-admin
  3. Hide wp-login
  4. Change Author Path
  5. Hide Author ID
  6. Change Lost Password Path
  7. Change Register Path
  8. Change Logout Path
  9. Change Activation Path
  10. Change admin-ajax.php Path
  11. Change Paths in Ajax Calls
  12. Change wp-content Path
  13. Change wp-includes Path
  14. Change wp-content/uploads Path
  15. Change comments Path
  16. Change Plugins Path
  17. Change Themes Path
  1. Customize each plugin name
  2. Customize each theme name
  3. Hide WordPress Old Plugins Path
  4. Hide WordPress Old Themes Path
  5. Change REST API Path
  6. Hide REST API URL Link
  7. Disable XML-RPC access
  8. Hide RSD (Really Simple Discovery) endpoint
  9. Hide WordPress Common Paths
  10. Hide WordPress Common Files
  11. Firewall Against SQL & Script Injection
  12. Disable Directory Browsing
  13. Redirect Hidden Paths
  14. Login Redirect URL
  15. Logout Redirect  URL
  16. Change Paths for Logged Users
  17. Change Paths In Cached Files
  • Change Relative URLs to Absolute URLs
  • Hide Feed and Sitemap Link Tags
  • Change Paths in RSS Feed
  • Change Paths in Sitemaps XML
  • Change Paths in Robots.txt
  • Hide Admin Toolbar
  • Hide Version from Images, CSS & JS URLs
  • Hide IDs from META Tags
  • Hide WordPress Generator META Tags
  • Hide WordPress DNS Prefetch META Tags
  • Hide HTML Comments
  • Hide Emoji icons
  • Disable Embed scripts
  • Disable WLW Manifest scripts
  • Disable Right-Click
  • Disable Inspect Element
  1. Disable View Source
  2. Disable Copy/Paste
  3. Disable Drag/Drop Images
  4. Disable Mouse Right Click
  5. Disable DB Debug in Frontend
  6. URL Mapping
  7. Text Mapping Classes, IDs, JS variables
  8. CDN URLs Mapping
  9. Text Mapping in CSS and JS caches files (E)
  10. Optimize CSS and JS files (E)
  1. Brute Force Protection
  2. WooCommerce Login Protection
  3. Math reCAPTCHA Protection
  4. Google reCAPTCHA v2 Protection
  5. Google reCAPTCHA v3 Protection
  6. Ban an IP address or multiple IP addresses
  7. Whitelist an IP address or multiple IPs
  8. Blocked IPs Report
  9. Limit login fail attempts
  10. Add Security Headers for XSS and Code Injection Attacks
  • Prevent Pingbacks
  • Cache & Optimize Speed
  • Backup/Restore Settings
  • Hide WordPress Version Number
  • Hide wp-image and wp-post classes
  • Custom theme style name
  • Custom attempts, lokout message
  • Change Category Path
  • Change Tags Path
  • Custom Safe URL Parameter

Activity Log

  • Log Users Events & Events Log report
  • Log User Roles
  • Accessing the Events Log Report in the Cloud
  • Email Alerts Options
  • Custom Email Address Notification

Run a Website Security Check

  • Detect potential security breaches on your site
  • Identify security or access issues on your website before they become a problem
  • Determine whether any of your plugins or themes have security vulnerabilities
  • Verify your site integrity for you
  • Take preventive measures against attacks.
  • Teaches you how to fix these potential breaches

Log Users Events & Events Log Report

  • Find out if someone is trying to hack your site
  • Know when a post was deleted, and who deleted it
  • Know when a plugin was activated/deactivated, and who did it
  • Track your freelancers’ or hired developer’s activities
  • Track your multiple blog authors’ activities
  • Track who has logged in, when, and with what IP address
  • View successful and failed login attempts
  • Track which IP address is targeting your login page
  • Track which themes, plugins, and core files are updated
  • Accessing the Events Log Report in the Cloud

Awesome Integration
Compatible With Hosting Servers​

Frequently Asked Questions

You are actually purchasing a product as a service, with access to security updates, new features, and fast replies to support requests for one year.

If you choose not to pay yearly, you will still be able to use the plugin but without future support and compatibility updates.

The yearly payment advantage is that you don’t need to worry about security updates and incompatibilities with other plugins because we’ve got your back. And this is why we recommend that you pay yearly.

You can use the free version of the plugin on any number of websites, whether or not they are owned by you.

The Ghost version can be installed on a limited number of websites, and you can transfer your license if you change your website.

This license is limited to the number of websites you use it on. This means that you have to activate the product with a license for each website you want to use a product on. For WordPress Multisite, the license is for the entire network.

Of course! Just deactivate the plugin from the previous domain, and activate it on the new one. You can manage it in your account via Manage License.

We offer a full refund for the first 30 days after purchase, based on our Refund Policy.

The Hide My WP Ghost Lite version offers the basic security options for your website, while Hide My WP Ghost offers you a powerful security level to prevent most of the WordPress attacks made by both humans and bots. More details

You can use PayPal or any credit card to pay for Hide My WP Ghost. We use the 2Checkut gateway, which supports over 45 payment methods

You can save all the settings from the Free version and restore them after you activate Hide My WP Ghost. 

For NGINX servers, you will need to do manual setup through SSH or SFTP to add the rewrite file into nginx.conf and reload the service.

Read the NGINX step-by-step tutorial here:

Note! Contact your host first and ask him if he can help you with it.

The plugin works on almost any WordPress server, but there are a few servers you can’t use Hide My WP Ghost with:

1. WordPress.com Business – doesn’t support a different login path and uses a shared NGINX hosting without the possibility to configure the rewrite rules.

2. Shared NGINX Hosting who doesn’t have the SSH option and refuses to add the Hide My WordPress Ghost config file and reload the NGINX settings.

Yes, you do!

Access the Knowledge Base for more answers or contact us.

To get answers to more questions, visit our complete FAQ page or contact us.