How to Add Files to “Hide WordPress Common Files”
July 22, 2024
- Understanding the Goal
- Adding the Filter in WordPress
- Option A: Editing functions.php
- Option B: Editing wp-config.php
- Adding Multiple Files
- Hiding the File in Hide My WP Ghost
- Important
Understanding the Goal
You want to hide additional common WordPress files, specifically wp-cron.php
, using the Hide My WP Ghost
plugin. This is accomplished by adding a filter to modify the list of files to be hidden.
Adding the Filter in WordPress
You need to add a filter to either the functions.php
file of your active theme or the wp-config.php
file. This filter will modify the hidden files list.
Option A: Editing functions.php
- Navigate to your WordPress admin dashboard.
- Go to Appearance > Theme File Editor.
- Select the
functions.php
file from the right-hand side menu. - Add the following code at the end of the
functions.php
file
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
return $files;
});
Option B: Editing wp-config.php
- Access your WordPress site’s root directory via FTP or your hosting control panel’s file manager.
- Open the
wp-config.php
file for editing. - Add the following code at the end of the
wp-config.php
file
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
return $files;
});
Adding Multiple Files
If you want to hide additional files such as wp-trackback.php
and xmlrpc.php
, you can modify the code as follows:
add_filter('hmwp_hide_commonfiles_files', function($files){
$files[] = 'wp-cron.php';
$files[] = 'wp-trackback.php';
$files[] = 'xmlrpc.php';
return $files;
});
Hiding the File in Hide My WP Ghost
After adding the filter, you need to select the file and save the settings in the Hide My WP Ghost to apply the changes.
- Navigate to the Hide My WP > Change Paths > WP Core Security > Hide WordPress Common Files.
- Select the file from the list, in our case is wp-cron.php file
- Click the Save Settings button to ensure the file is hidden.
Note! For Nginx server, you need to restart the Nginx service after saving the settings in Hide My WP Ghost plugin.
Important
- Avoid Breaking Functionality: Be careful not to hide files that are essential for WordPress functionality. For instance, hiding
xmlrpc.php
can prevent remote publishing and applications that use XML-RPC from functioning correctly. - Testing: After adding the filter, thoroughly test your website to ensure it continues to function as expected. Check for any broken features or errors.
By following this tutorial, you can easily extend the functionality of the Hide My WP Ghost plugin to hide additional files, increasing your WordPress site’s security.
Always test your changes and avoid hiding critical WordPress files to maintain the site’s functionality.