Skip to contentSkip to main navigation Skip to footer

How to Add Files to “Hide WordPress Common Files”

Understanding the Goal

You want to hide additional common WordPress files, specifically wp-cron.php, using the Hide My WP Ghost plugin. This is accomplished by adding a filter to modify the list of files to be hidden.


Adding the Filter in WordPress

You need to add a filter to either the functions.php file of your active theme or the wp-config.php file. This filter will modify the hidden files list.

Option A: Editing functions.php

  1. Navigate to your WordPress admin dashboard.
  2. Go to Appearance > Theme File Editor.
  3. Select the functions.php file from the right-hand side menu.
  4. Add the following code at the end of the functions.php file
add_filter('hmwp_hide_commonfiles_files', function($files){
  $files[] = 'wp-cron.php';
  return $files;
});

Option B: Editing wp-config.php

  1. Access your WordPress site’s root directory via FTP or your hosting control panel’s file manager.
  2. Open the wp-config.php file for editing.
  3. Add the following code at the end of the wp-config.php file
add_filter('hmwp_hide_commonfiles_files', function($files){
  $files[] = 'wp-cron.php';
  return $files;
});

Adding Multiple Files

If you want to hide additional files such as wp-trackback.php and xmlrpc.php, you can modify the code as follows:

add_filter('hmwp_hide_commonfiles_files', function($files){
    $files[] = 'wp-cron.php';
    $files[] = 'wp-trackback.php';
    $files[] = 'xmlrpc.php';
    return $files;
});

Hiding the File in Hide My WP Ghost

After adding the filter, you need to select the file and save the settings in the Hide My WP Ghost to apply the changes.

  1. Navigate to the Hide My WP > Change Paths > WP Core Security > Hide WordPress Common Files.
  2. Select the file from the list, in our case is wp-cron.php file
  3. Click the Save Settings button to ensure the file is hidden.

Note! For Nginx server, you need to restart the Nginx service after saving the settings in Hide My WP Ghost plugin.


Important

  • Avoid Breaking Functionality: Be careful not to hide files that are essential for WordPress functionality. For instance, hiding xmlrpc.php can prevent remote publishing and applications that use XML-RPC from functioning correctly.
  • Testing: After adding the filter, thoroughly test your website to ensure it continues to function as expected. Check for any broken features or errors.

By following this tutorial, you can easily extend the functionality of the Hide My WP Ghost plugin to hide additional files, increasing your WordPress site’s security.

Always test your changes and avoid hiding critical WordPress files to maintain the site’s functionality.