Are you having trouble accessing the login path of your WordPress site through the traditional wp-admin path? If so, it may be because your site is secured by the Hide My WP Ghost plugin.

This plugin provides an extra layer of security to your site by hiding the wp-admin path and redirecting users to a custom login path.

However, if you still want to use the old wp-admin path, you can easily switch off the option in the plugin’s settings.

Simply go to Hide My WP > Change Paths > Admin Security and turn off the option to “Hide wp-admin.” Once you’ve done this, you should be able to access the backend of your site as usual.

It’s important to remember that while the wp-admin path is the most commonly used path for accessing the backend of a WordPress site, it’s also one of the most commonly targeted paths for malicious attacks. By using the Hide My WP Ghost plugin to secure your site, you can help to protect yourself against these attacks and keep your site safe.

To disable XML-RPC using Hide My WP Ghost, follow these steps:

1. Install and activate the Hide My WP Ghost plugin on your WordPress site.
2. Go to the plugin’s settings page, which can be found by going to Hide My WP in your WordPress admin dashboard.
3. In the plugin’s settings, go to the Change Paths tab and scroll down to the API Security section.
4. In the API Security section, you will see an option to disable XML-RPC. Simply switch on the box next to this option and save your changes.
5. Once you have saved your changes, XML-RPC will be disabled on your WordPress site.

Note: Disabling XML-RPC may prevent some functionality on your WordPress site, such as the ability to use certain apps or plugins that rely on XML-RPC. Before disabling XML-RPC, make sure that you are not using any functionality on your site that requires it.

If you want to disable XML-RPC but still allow certain IP addresses to access it, you can use Hide My WP Ghost to do so. Simply add the IP addresses you want to allow in the plugin’s settings under the Change Paths > Whitelist IPs section. This will enable those IPs to access the XML-RPC option, while still disabling it for all other IPs.

Are you looking to add an extra layer of protection to your WordPress site? Look no further than Hide My WP Ghost.

This highly customizable plugin makes it easy to upgrade your site’s security in just minutes.

It’s compatible with other popular security solutions and provides an extra layer of security that others don’t offer for specific WordPress-related vulnerabilities.

With one click, users can pick from 3 pre-built security levels and automatically configure the plugin to achieve their desired level of protection.

Hide My WP Ghost helps protect your site against common attacks such as script and SQL injection and brute force by camouflaging vulnerabilities without physically changing any files or directories.

It works like an invisibility cloak, hiding your WordPress site from attackers.

The plugin also includes a security check feature that scans your entire site to indicate its current security level and uncover urgent threats that leave your site exposed to different types of attacks.

In addition to its camouflage and security check features, Hide My WP Ghost also provides custom security options, including custom login and logout redirects based on user roles, URL mapping to create friendly URLs for your site, and brute force protection to prevent repeated login attempts from the same IP address.

With over 200,000 secured WordPress sites and 4,000,000 brute force attempts blocked, Hide My WP Ghost is a reliable choice for enhancing your site’s security.

Yes, the plugin works with WP Umbrella but their connection is still made through the login page.

You can setup a custom login path using Hide My WP but you need to set the following option:

1. Switched OFFthe option Hide “login” option.

2. Set the same REST API path on Hide My WP and WP Umbrella settings

3. Confirm the new paths and clear the cache on your website.

By default, Hide My WP > Mapping > Text Mapping is changing the classes and IDs in CSS & Scripts.

1. If you want to change also the text from META Tags in WordPress, you need to install Hide My WP Ghost – Text Mapping METAs add-on.

2. To change the METAs in admin dashboard too, you need to add this line in wp-config.php

define(‘HMW_ALWAYS_CHANGE_PATHS’, true);

as guided in this article:
https://hidemywpghost.com/faqs/how-can-i-change-the-wp-paths-in-admin-dashboard/

3. In Hide My WP > Mapping > Text Mapping you can now add the text you want to change/hide from METAs. If you use {blank} param, the text will be replaced with blank.

Yes, we’ve tested both plugins and this is our experience with Elementor PRO and Custom Icons.

When we tested only Elementor plugin and tried to add icons from Fontello and IcoMoon we got blank icons.

The only icons that were uploaded correctly are from Fontastic website https://fontastic.me/.

Here is the icons package that worked on our test:
https://hidemywpghost.com/images/fontastic_fonts.zip

We could upload the icons without any issue with all HMWP Ghost options activated.

We also included the custom icons on a page using Elementor

By default, Hide My WP Ghost changes the paths only in frontend.

We don’t recommend this but if you want to change the path also in the admin dashboard, add this line in wp-config.php file

define('HMW_ALWAYS_CHANGE_PATHS', true);

Save the settings in Hide My WP Ghost and the WordPress paths will be changed in admin backend area.

By default, Hide My WP Ghost adds the rewrite rules in 2 places in .htaccess to avoid errors when other plugins are deleting the rules from .htaccess.

If you want to have the Hide My WP Ghost rewrite rules only inside the #BEGIN HMWP_RULES … #END HMWP_RULES add this line in the wp-config.php file.

define( 'HMW_RULES_IN_WP_RULES', false );

Save the settings in Hide My WP > Change Paths and the plugin will remove the rewrite rules from WordPress definition #BEGIN WordPress …. #END WordPress

You can set from Hide My WP > Change Paths > WP Core Security > Hide WordPress Common Paths the extension files you want to hide on the old paths.

By default, the images are not included as it may affect the indexed Google images.

After you change the paths, it will take a while for Google and other search engines to index the new images URL.

If you still want to hide the old images, add this line in wp-config.php file

define('HMW_HIDE_OLD_IMAGES', true);

and you will see the images option in the Hide File Extentions list:

Select the Images and save the settings.

Redirect images from the old paths to the new paths

It is important not to have the same image on two different URLs on a website to avoid duplicate content issues and to maintain good search engine optimization (SEO) practices. When search engines like Google detect duplicate content, it can negatively impact the website’s visibility and rankings in search results.

1. Set a new uploads path. Choose a directory name in Hide My WP > Change Paths > WP Core Security like “storage” where you want to store the uploaded images.

2. Add the below code in the config file.

For Apache/Litespeed, locate the .htaccess file in the root directory of your website and add the following code at the beginning of the file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} /wp-content/uploads/[^\.]+(\.jpg|\.png|\.jpeg|\.webp|\.gif) [NC]
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-content/uploads/(.*)$ /storage/$2  [L,R=301]
</IfModule>

For Nginx servers add this code before the Hide My WP Ghost include line in the Nginx config file:

  if ($request_uri ~* ^/wp-content/uploads/[^\.]+(\.jpg|\.png|\.jpeg|\.webp|\.gif)){
    rewrite ^/wp-content/uploads/(.*)$ /storage/$1 redirect;
  }

This code utilizes mod_rewrite, a module that allows URL rewriting. It checks if the request is for an image file within the /wp-content/uploads/ directory and redirects it to the corresponding file in the /storage/ directory.

By implementing this solution, any requests for images in the old /wp-content/uploads/ directory will be redirected to the new /storage/ directory, preventing duplicate URLs for the same image.

By default, when you set Hide My WP Ghost plugin in Ghost Mode, you can login only with the new login path.

To activate the option to access the new admin path and to be redirected to the new login path, do this:

Switch OFF the option Hide My WP > Change Paths > Admin Security > Hide the New Admin Path

Once you switch off the option and save the settings, when you access the new admin path, it will redirect to the new login path.