change WordPress activation path, hide wp-activate.php, WP Ghost activation path, WordPress Multisite activation security, custom activation URL WordPress, change wp-activate path, hide WordPress activation page
Hide My WP Features
43 Articles
Change the WordPress author path, hide author IDs, and block user enumeration through the REST API, oEmbed, and sitemaps with WP Ghost. Three layers of username discovery protection.
Change the WordPress admin-ajax.php path, hide wp-admin from AJAX URLs, and replace paths in AJAX responses with WP Ghost. Three layers of AJAX security to block exploit scripts and CMS detection.
Change the WordPress logout path with WP Ghost to complete your path-hiding strategy. Prevent CSRF logout attacks, remove CMS fingerprints, and keep WooCommerce account pages clean.
Change the WordPress registration path with WP Ghost to block spam bot signups, prevent username enumeration, and stop fake accounts. 95% spam reduction according to WPForms. Step-by-step guide.
Change the WordPress lost password path with WP Ghost to block spam reset emails, prevent username enumeration, and stop bots from exploiting the password reset form. Step-by-step guide.
Disable WordPress XML-RPC to block brute force amplification via system.multicall, DDoS pingback abuse, and CMS fingerprinting. Includes Jetpack compatibility with .htaccess IP whitelisting.
Change the wp-json path, hide the REST API URL, disable unauthenticated access, and block the rest_route backdoor with WP Ghost. Protect your WordPress API from user enumeration and bot attacks.
Add two-factor authentication to WordPress with WP Ghost using authenticator app codes, email codes, or passkeys (Face ID, Touch ID, Windows Hello). Free in all versions. Complete setup guide with troubleshooting.
Simulate Drupal or Joomla on your WordPress site with WP Ghost’s CMS Simulator. Inject fake CMS fingerprints to trick theme detectors and hacker bots. Three steps, no code required.
Change and hide the default WordPress wp-login.php path with WP Ghost to block brute force attacks. Custom login URL, hide old paths, block redirects, hide language switcher. Step-by-step guide.
Change and hide the default WordPress wp-admin path with WP Ghost to block brute force attacks and prevent bots from finding your admin dashboard. Step-by-step guide with troubleshooting.
Create passwordless, time-limited login URLs for developers, clients, and team members using WP Ghost’s Temporary Logins feature. No passwords shared, automatic expiration, instant revocation.
Run a complete security audit of your WordPress site with WP Ghost’s Security Check. Scans 40+ security tasks including PHP version, debug modes, outdated plugins, exposed paths, file permissions, and firewall status. Free in all versions.
Track every security-relevant action on your WordPress site with WP Ghost’s User Events Log. Monitor logins, plugin changes, post deletions, and settings modifications. Set up email alerts for critical events. Premium feature.
Configure WP Ghost’s advanced settings for rollback recovery, server compatibility, plugin loading order, and rewrite rule management. Includes Safe URL, Pause 5 Minutes, server type override, and Clean Login Page.
Learn how to use URL Mapping, Text Mapping, CDN Mapping, and experimental CSS/JS mapping in WP Ghost to change class names, URLs, and plugin identifiers in your WordPress source code.
Learn how to protect your WordPress site from brute force attacks using WP Ghost. Set up Math reCAPTCHA, Google reCAPTCHA V2, V3, and Enterprise, protect WooCommerce login forms, and manage IP banning.