WP Ghost Dashboard Widget – Security Score and Threat Monitoring

WP Ghost (formerly Hide My WP Ghost) adds a security monitoring widget to your WordPress Dashboard. It shows your security score, a 7-day threats chart, and real-time metrics for threats prevented, brute force IPs blocked, and alert emails sent. The widget appears automatically after installation.

What the Dashboard Widget Shows

The WP Ghost widget gives you a security overview at a glance every time you open the WordPress Dashboard.

Security Score Gauge (0–100)

The gauge at the top shows your overall security optimization score from 0 to 100. The score is calculated from the Security Check tasks: brute force protection, path security, firewall rules, security headers, SSL, and other configuration checks. A score of 95/100 or higher means your site is well-protected. The color ranges from red (low) through yellow to green (strong).

Threats Prevented Chart (7-Day View)

The bar chart shows daily threat activity over the past 7 days. Blue bars represent threats prevented by WP Ghost (blocked by path security, firewall rules, or brute force protection). Orange bars represent threats that passed through (unblocked). This gives you a visual picture of how actively your site is being targeted and how effectively WP Ghost is blocking attacks.

Monitoring Metrics

Four summary boxes show 7-day totals:

Show or Hide the Widget

The widget appears automatically on the WordPress Dashboard after installing WP Ghost. To hide it, click Screen Options at the top of the Dashboard page and uncheck WP Ghost. To show it again, check the box.

How to Improve Your Security Score

If your score is below 90, go to WP Ghost > Security Check and click Start Scan. The scan shows exactly which security tasks are passing and which need attention. Click Fix It on any flagged item to resolve it automatically. Common tasks that improve your score: enabling brute force protection, activating the firewall, adding security headers, hiding default paths, and enabling 2FA.

Frequently Asked Questions

What does “Threats Passed” mean and should it always be zero?

Threats Passed counts attacks that were not blocked by WP Ghost’s firewall or path security. Ideally this number is zero. If you see threats passing through, WP Ghost shows a notification prompting you to activate the firewall or adjust your protection settings. Go to WP Ghost > Firewall and enable the 8G Firewall if it is not already active.

How is the security score calculated?

The score reflects how many Security Check tasks are passing. Each task (brute force enabled, paths changed, firewall active, headers configured, SSL active, etc.) contributes points. Run the Security Check to see the full task list and your score breakdown.

Can I see more detailed threat logs?

Yes. The widget shows a 7-day summary. For detailed logs, go to WP Ghost > Security Logs. The Security Threats Log shows individual threat entries with IP addresses, attack types, and timestamps. The Events Log tracks user login attempts, both successful and failed. Premium includes extended log retention and cloud storage.

What triggers the alert emails?

WP Ghost sends alert emails when an IP address is blocked by brute force protection, when a user account has too many failed login attempts, or when a security threat is detected. You can configure email notifications in the WP Ghost settings.

The widget is not showing on my Dashboard. How do I enable it?

Click Screen Options at the top of the Dashboard page and check the WP Ghost box. If you are on a Multisite network, navigate to an individual subsite’s Dashboard. The widget does not appear on the network dashboard.

Related Tutorials

Website Security Check – run the full scan and fix flagged items to improve your score.

Security Threats Log – view detailed threat entries beyond the 7-day widget summary.

Firewall and Geo Security – enable the 8G Firewall to reduce threats passed.

Brute Force Protection – configure login limits and reCAPTCHA.

Customize All WordPress Paths – improve path security score.