How to Add Files to “Hide WordPress Common Files”
July 22, 2024
- Understanding the Goal
- Adding the Filter in WordPress
- Option A: Editing functions.php
- Option B: Editing wp-config.php
- Adding Multiple Files
- Hiding the File in Hide My WP Ghost
- Important
Understanding the Goal
You want to hide additional common WordPress files, specifically wp-cron.php, using the Hide My WP Ghost plugin. This is accomplished by adding a filter to modify the list of files to be hidden.
Adding the Filter in WordPress
You need to add a filter to either the functions.php file of your active theme or the wp-config.php file. This filter will modify the hidden files list.
Option A: Editing functions.php
- Navigate to your WordPress admin dashboard.
- Go to Appearance > Theme File Editor.
- Select the
functions.phpfile from the right-hand side menu. - Add the following code at the end of the
functions.phpfile
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
return $files;
});Option B: Editing wp-config.php
- Access your WordPress site’s root directory via FTP or your hosting control panel’s file manager.
- Open the
wp-config.phpfile for editing. - Add the following code at the end of the
wp-config.phpfile
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
return $files;
});Adding Multiple Files
If you want to hide additional files such as wp-trackback.php and xmlrpc.php, you can modify the code as follows:
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
$files[] = 'wp-trackback.php';
$files[] = 'xmlrpc.php';
return $files;
});Hiding the File in Hide My WP Ghost
After adding the filter, you need to select the file and save the settings in the Hide My WP Ghost to apply the changes.
- Navigate to the Hide My WP > Change Paths > WP Core Security > Hide WordPress Common Files.
- Select the file from the list, in our case is wp-cron.php file
- Click the Save Settings button to ensure the file is hidden.
Note! For Nginx server, you need to restart the Nginx service after saving the settings in Hide My WP Ghost plugin.
Important
- Avoid Breaking Functionality: Be careful not to hide files that are essential for WordPress functionality. For instance, hiding
xmlrpc.phpcan prevent remote publishing and applications that use XML-RPC from functioning correctly. - Testing: After adding the filter, thoroughly test your website to ensure it continues to function as expected. Check for any broken features or errors.
By following this tutorial, you can easily extend the functionality of the Hide My WP Ghost plugin to hide additional files, increasing your WordPress site’s security.
Always test your changes and avoid hiding critical WordPress files to maintain the site’s functionality.