Disable WP Ghost automatic update checks by adding WP_AUTO_UPDATE_HMWP to wp-config.php. Keep full control over when you update the plugin.
This knowledge base has moved to wpghost.com/kb with updated tutorials, step-by-step guides, and developer documentation.
WP Ghost (Hide My WP Ghost) – Knowledge Base
All WP Ghost (Hide My WP Ghost) Features
Subscribe to our YouTube channel for How-To videos on the Hide My WP Ghost plugin.
Latest FAQ
Same Login Path with Multiple Security Plugins?
Moved
This tutorial has moved to the new WP Ghost Knowledge Base where each feature is presented in detail.
No, using the same custom login path across multiple security plugins is not recommended. Each plugin that offers a custom login path should be configured with a unique URL. Sharing the same path causes style conflicts, redirect loops, and can actually expose your custom login URL instead of protecting it.
Why the Same Login Path Causes Problems
When two security plugins both try to handle the same custom login path, they compete for control over that URL. Each plugin writes its own rewrite rules and applies its own redirect logic. The result is unpredictable: one plugin may redirect the request before the other gets a chance to process it, the login page may load with broken styling because both plugins inject their own CSS, or the login page may become completely inaccessible due to a redirect loop.
Worse, the conflict itself can leak information. If one plugin’s redirect fires first and points back to /wp-login.php before the other plugin hides it, bots watching the redirect chain can discover your real login path. That defeats the entire purpose of changing the login URL in the first place.
Recommended Setup with Multiple Plugins
The best approach is to let one plugin own the login path entirely and disable that feature in the other. WP Ghost is the recommended choice for login path security because it handles the change at the server rewrite level, which is faster and more thorough than PHP-level redirects.
If you still want both plugins to have their own login paths (for example, one styled login for clients and one hidden login for admins), configure each with a completely different URL. In WP Ghost, set your custom login path in WP Ghost > Change Paths > Login Security. In the other plugin, like Wordfence or Solid Security, set a different custom path. Then make sure WP Ghost hides the default /wp-login.php and /login paths so bots cannot reach them.
Example Configuration
Here is a practical example with WP Ghost and Wordfence running together. WP Ghost handles the custom login path at /my-secret-login with the default WordPress paths hidden. Wordfence uses a separate path at /team-access with its styled login page enabled. Both plugins operate independently because they are not fighting over the same URL. Default paths like /wp-login.php and /login return a 404 error, so bots scanning for standard WordPress entry points hit a dead end.
LoginPress Compatibility
WP Ghost is fully compatible with LoginPress. You can use the same custom login path for both plugins in this specific case because LoginPress is a styling plugin, not a security plugin. It does not write its own rewrite rules or redirect logic. LoginPress only applies visual customization to the login page, so there is no conflict with WP Ghost handling the path security. This lets you have a branded, styled login page that is also hidden behind a custom URL.
Frequently Asked Questions
What happens if I accidentally set the same path in two security plugins?
You will likely experience redirect loops, a broken login page, or an inaccessible admin dashboard. If this happens, use the emergency disable method to regain access, then configure unique paths for each plugin.
Which plugin should I use for the custom login path?
WP Ghost is the recommended choice. It handles login path changes at the server rewrite level, which is more efficient and secure than PHP-level redirects. Disable the custom login path feature in your other security plugin and let WP Ghost manage it. For specific configuration guides, check WP Ghost with Wordfence or the compatible plugins list.
Can I use a styled login plugin like LoginPress with WP Ghost?
Yes. LoginPress is a styling-only plugin. It does not interfere with WP Ghost’s path security or rewrite rules. You can use the same custom login path in both WP Ghost and LoginPress without conflict. Alternatively, WP Ghost includes its own built-in Login Page Design feature under WP Ghost > Tweaks, so you may not need LoginPress at all.
Should I hide the default /wp-login.php path too?
Absolutely. Changing the login path without hiding the original is only half the job. Go to WP Ghost > Change Paths > Login Security and enable the option to hide the default /wp-login.php path. This returns a 404 error for anyone trying the standard WordPress login URL. For a full walkthrough, see the Change WordPress Login Path tutorial.
Does WP Ghost modify WordPress core files?
No. WP Ghost uses server-level rewrite rules and WordPress filters to change and hide login paths. No WordPress core files are modified. Deactivating WP Ghost restores all original paths instantly.
Why Has Elementor Stopped Working with WP Ghost Safe or Ghost Mode?
Elementor editor broken after activating WP Ghost Safe Mode or Ghost Mode? Fix it by checking Nginx config, REST API, AJAX path, cache, and logged user settings.
How Do I Install Security Plugins in WordPress? (Guide)
Learn how to install and configure a WordPress security plugin step by step. Covers plugin search, activation, settings, and hack prevention tips with WP Ghost.
Do I Really Need a Security Plugin for WordPress?
Yes. WordPress default paths make every site a bot target. Learn why a hack-prevention plugin like WP Ghost is essential for protecting your WordPress site.
Why Style & Buttons Are Not Working With Hide My WP?
Fix CSS, JavaScript, and button issues after activating WP Ghost. Step-by-step troubleshooting for Text Mapping, hidden paths, META IDs, and cache conflicts.
How Do I Block WP Content in WordPress? (WP Ghost Guide)
Block direct access to wp-content by changing the path and hiding it with WP Ghost. Step-by-step guide to protect themes, plugins, and uploads from bots.
What Is the WP Ghost Security Plugin for WordPress?
WP Ghost is a hack-prevention WordPress plugin that hides default paths, adds 7G/8G firewall rules, 2FA with passkeys, and brute force protection. Learn what it does.
How Do I Make My WordPress Site Invisible?
Hide your WordPress site during development with maintenance mode and noindex, then make it invisible to bots and scanners with WP Ghost path security.
What Is the Best Plugin for Cloaking WordPress?
WP Ghost cloaks WordPress by changing all default paths, removing CMS fingerprints, and simulating Drupal or Joomla. Bots and detectors cannot identify your site.
Latest KB Articles
