Blog

Hide WordPress Website from Theme Detectors or From Hackers’ Bots?

We’re usually asked if there is a chance to “completely” hide a website from WordPress theme detectors.

It’s a good question, but usually, the real question behind it is if there is a chance to protect the website so that hackers will not be able to break in.

(more…)

Hide Gutenberg Classes With Hide My WP Ghost

With Hide My WP Ghost you can now hide the Gutenberg block classes in the frontend.

To avoid any theme style issue we didn’t add this feature automatically in the plugin but I will show you how to do that in just seconds.

1. Go to Hide My WP Ghost> Mapping > Text Mapping and add the text like wp-block-media => media

(more…)

Load Theme Style Dynamically And Hide Paths

1 Comment

Because the CSS and JS are called statically for a good loading speed of the entire website, Hide My WP Ghost will not change the paths and remove the comments within the website theme style.

If you really want to change the paths and remove the theme comments, you can set Hide My WP Ghost to load it dynamically.

(more…)

Customize WordPress Uploads Directory

Method #1 – Change wp-content/uploads with wp-config.php

This solution is simple, but it involves editing a core WordPress file.

First, access the root directory of your WordPress installation using the File Manager in your web hosting CPanel or using an FTP client. Then find a file named wp-config.php and open the file to edit.

Then add the following line in the wp-config file:

define( ‘UPLOADS’, ‘wp-content/storage’ );

(more…)

Hide the Image Paths for Elementor, Divi, Thrive and Other Builders

5 Comments

Hide My WP Ghost works well with all the WordPress builders. Once you save the page, Hide My WP Ghost Plugin will know what to do to hide the on-page paths and change them with the new one.

(more…)

Lesson 4 – Events Log & Email Alerts

This is a must-use feature if you have a team working on your website. Sometimes it’s important to track a user’s actions to see if they have accessed and changed settings that were not supposed to be changed.

Note! For the following features, you need to have the Hide My WP Ghost version installed.

Step 1. Activate the Events Log

Once you switch on Hide My WP Ghost > Events Log > Log User Events you will start the user logging process on the cloud. The plugin will save all the known actions and details about every action, so it will be easy to understand what a user did on the website.

(more…)

Lesson 2 – How to Activate Brute Force Protection

In the previous lesson, you learned how to customize the common WordPress paths.

Now it’s time to learn how to protect the custom wp-login path from Brute Force attacks if you make it public for subscribers.

Note! You need to be aware that you don’t need to have just one login path. If your theme has a login path for subscribers, you can activate the theme’s security for that URL and have your own secret login path withHide My WP Ghost.

Good, now that you have set a login path in Hide My WP Ghost, it’s time to activate the Brute Force attack protection for it.

(more…)

Lesson 3 – How to Hide Your Site From WordPress Theme Detectors & Hackers Bots

In the previous lesson you learned how to protect your login page from Brute Force attacks, it’s time to learn how to hide your website from WordPress theme detectors and hackers’ bots.

Note! Please read Hide WordPress from Theme Detectors or from Hackers Bots?

Changing the common WordPress paths will not guarantee that the WordPress CMS is completely hidden. The old paths are still accessible and hackers are still able to inject SQL and Javascript into vulnerable installed plugins and themes.

Follow the next steps, and learn what you need to do to fully protect your website.

(more…)

Lesson 1 – How to Hide Your WordPress Website with Hide My WP Ghost

In this lesson, I will teach how to customize the paths and hide your WordPress website from theme hackers bots.
Now that you have downloaded the plugin and installed it on your website, you need to make sure you take full advantage of all its features.

Our challenge with Hide My WP Ghost was to offer an easy-to-set-up plugin and a stable and complex security plugin that would protect websites from almost all known WordPress attacks.

(more…)

Use URL Mapping in Hide My WP Ghost

2 Comments

To activate this feature, go to Hide My WP > Overview.

URL Mapping was created to help you change JS and CSS URLs that Hide My WP Ghost didn’t change into custom once without breaking the website functionality.

(more…)

Website Security Check Report

3 Comments

If WPPlugins founds any security issues, it means that your WordPress CMS is easily detectable, which leaves your site exposed to hackers.

If you don’t act NOW, it’s very likely that hacker bots will manage to break into your website sooner or later. If they do, they usually remove the website content entirely and steal your database information.

The loss and recovery costs can be … oh well … you do the math.

Below you will find more details and solutions for each security breach WPPlugins may uncover for your site.

(more…)

Hide My WP Codecanyon Alternative

Even if Hide My WP Ghost plugin’s name is similar with the Codecanyon plugin, the features and functionality are not.

Hide My WP Ghost is a plugin built for WordPress directory dedicated for both experts and non-experts.
We’ve tried to minimize interactions with the config files and came with original ideas who were probably copied by the Hide My WP Codecanyon over time.

(more…)

Install Hide My WP Ghost Lite

Learn how to download and install Hide My WP Ghost Lite.

This tutorial will teach you how to hide the common paths and how to activate the plugin in Lite Mode.
Note, the Lite Mode will not protect you from all the hackers bots, if you need a complex security plugin please read here.

Download

Download Hide My WP Free Plugin

Download Plugin

(more…)

Install Hide My WP Ghost

7 Comments

Learn how to download and install Hide My WP Ghost.

This tutorial will teach you how to hide all the paths, plugins and themes and how to activate the plugin in Safe Mode or Ghost Mode.
In other words, you will activate all the security features you need to keep the hackers bots away from your website.

Download

Connect to your account and download Hide My WP Ghost premium plugin

Download Plugin

(more…)

What Hide My WP Ghost Can’t Do

We work hard to make Hide My WP Ghost plugin for keeping your website safe using security through obscurity and at the same time to have a fast loading website with good SEO results in Google search engine.

Most hackers are using bots who access the vulnerable plugin paths and inject javascript or SQL to get valuable data from your website. We made sure that Hide My WP Ghost will protect you from these types of attacks.

(more…)

Grant and Revoke Permissions to Database Using phpMyAdmin

7 Comments

You can customize the database permission if the server allows this.

For WordPress website, you can leave only the following permissions enabled:

SELECT
INSERT
UPDATE
DELETE
ALTER (for updates)
CREATE TABLE
DROP TABLE
INDEX

Follow the pictures:

2. In the “Privileges” tab which list your users click the “Edit Privileges” of the user.

Then select the database:

After that specific the privileges by checking them and then select your table as shown in the picture:

After you select your table, you can define the operations in detailed:

Hide My WP Ghost Compatibility Plugins List

Hide My WP Ghost is compatible with the most popular plugins. We are continuously working on this to further extend the list of plugins that Hide My WP Ghost is compatible with.

We’ve tested Hide My WP Ghost with over 1,000 plugins and themes so far, and we’ll keep at it, but if you DON’T see a plugin you may be using on our list here just yet, it doesn’t mean Hide My WP Ghost won’t work with it or cause issues.

Hide My WP Ghost doesn’t physically change any path or file. Rewrites happen when a browser accesses files and paths.

Software will still be able to access the images from wp-content, for example, so images will still be displayed inside the landing pages you build for the sales funnels.

The latest WordPress plugins we checked and made sure they work with Hide My WP Ghost:

(more…)

Hide My WP Ghost Compatible With WP Engine

If you are using WP Engine to host your WordPress website and you want to increase its security by using Hide My WP Ghost, follow the steps below to set up Ghost mode and add the necessary records in WP Engine.

Step 1: Install and activate Hide My WP Ghost on your WordPress website.

Step 2: Open Hide My WP Ghost settings and go to the Safe Mode or Ghost Mode tab.

Step 3: Enable Safe Mode or Ghost Mode by clicking the corespondent button.

Step 4: Configure the paths to your preferences. You can choose which URLs to hide, which ones to redirect, and which ones to replace with custom paths.

Step 5: Save the changes, check the rules you receive in the notification bar and go to the WP Engine User Portal.

Step 6: Select the environment you want to configure a redirect for.

Step 7: If you want to redirect a specific domain, make sure it is also mapped to the same environment.

Step 8: Click on Redirect Rules.

Step 9: To add a new redirect rule, click on the New Redirect Rule button.

Step 10: Configure your redirect by adding the old URL and the new destination URL. Also choose the type of redirect you want to use accordingly with the rules from Hide My WP Ghost.

Step 11: Click on Save or Add another to create the redirect rule.

By following these steps, you should be able to set up Hide My WP Ghost and add the necessary redirect rules in WP Engine to increase the security of your WordPress website

(more…)

Hide My WP Ghost Compatible With Inmotion WordPress Hosting

2 Comments

Inmotion Hosting is a good hosting solution for your business and if you start an hosting plan with them you will love their services.

Inmotion is using a Cache Manager base on Nginx and it will automatically cache all static files like: CSS, Javascript and Image files.

To make Hide My WP Ghost work and redirect all the static files you need to follow these steps:

(more…)

Hide My Wp Ghost – Why You Must Have It!

4 Comments

Hide My Wp Ghost is an easy to use product designed to provide you with the best protection against hackers.

When you start using this plugin, you will be able to hide the fact that you are using WordPress on your site.

(more…)

Hide WordPress Website From Builtwith

Even if WordPress is one of the safest content management system online, you cannot be completely sure that no one can hack your website if you are using WordPress. There are so many insecure plugins and themes that can be tracked by hackers around the world.

How To Hide WordPress From BuiltWith

Hide My WP Ghost is designed to ensure perfect protection against hackers around the world. Note that BuiltWith is a popular platform that provides hackers information about on which platform a particular website is running so that they can further plan their destructive activities.

Experts reveal that Hide My WP Ghost hides the website from https://builtwith.com if the users are setting the Ghost mode to Hide My WP Ghost plugin.

(more…)

The Frontend Theme Style Not Loading while in Ghost Mode

If you followed all the Hide My WP Ghost indications, probably it’s a .htaccess file issue.

Please check the .htaccess file and look for

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

(more…)

Changelog

= 8.1.02 =

Update – Added the AI support in the plugin settings page
Update – Remove the help icons for the plugin whitelabel option with custom domain
Fixed – Prevent changing the login path in posts slug

= 8.1.01 =

Update – Changed Hide My WP Ghost plugin name with short WP Ghost
Update – WP Ghost comes with a new plugin logo in 2025
Update – More security on REST API for user listing when User Security is activated
Update – Plugin Security and Firewall rules

= 8.0.21 =

Update – Added gif and tiff to media redirect in Hide WP Common Paths
Update – Allow activating hmwp_manage_settings capability only for a user using Roles & Capabilities plugin
Fixed – Layout and improved functionality

= 8.0.20 =

Update – Compatibility with WP 6.7
Update – Compatibility with LiteSpeed Quic Cloud IP addresses automatically
Fixed – Litespeed cache plugin compatibility and set /cache/ls directory by default
Fixed – Whitelist website IP address on REST API disable to be able to be accessed by the installed plugins

= 8.0.19 =

Fixed – Compatibility with LiteSpeed when CDN is not set
Fixed – Change paths when www. prefix exists on the domain

= 8.0.17 =

Update – Compatibility with WP Rocket Background CSS loader
Update – Compatibility with LiteSpeed Cache CDN
Update – Map Litespeed cache directory in URL Mapping
Fixed – Remove dynamic CSS and JS when Text Mapping is switched off
Fixed – Prevent changing wp-content and wp-includes paths in deep URL location and avoid 404 errors

= 8.0.16 =

Update – Layouts, colors
Update – Added Drupal 11 in CMS simulation
Update – Set 404 Not Found error as default option for hidden paths
Fixed – Compatibility with Wordfence Scan
Fixed – Changed deprecated PHP functions
Fixed – Warnings when domain schema is not identified for the current website
Fixed – Redirect to homepage the newadmin when user is not logged in

= 8.0.15 =

Fixed – Compatibility with WP 6.6.2
Fixed – Compatibility with Squirrly SEO buffer when other cache plugins are active
Fixed – Compatibility with Autoptimize minify

= 8.0.14 =

Update – Added the option to select all Countries in Geo Blocking
Update – Brute Force compatibility with UsersWP plugin
Update whitelist path to not check Brute force reCaptcha in case of login whitelist paths

= 8.0.13 =

Update – Added the option to disable Copy & Paste separately
Fixed – PHP Error on HMWP_Models_Files due to the not found class
Fixed – Layout, Typos, Small Bugs

= 8.0.12 =

Update – Compatibility with Wordfence

= 8.0.11 =

Update – Plugin security and compatibility with WP 6.6.1 & PHP 8.3
Update – Adding wp-admin path extensions into firewall when user is not logged in

= 8.0.10 =

Fixed – Google reCaptcha on frontend popup to load google header if not already loaded
Fixed – Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect
Fixed – WP Multisite active plugins check to ignore inactive plugins
Fixed – Small bugs

= 8.0.09 =

Update – Add security preset loading options in Hide My WP > Restore
Fixed – Library integrity on the update process
Fixed – Cookie domain on WP multisite to redirect to new login path when changing sites from the network
Fixed – Brute Force shortcode to work with different login forms

= 8.0.07 =

Fixed – Compatibility with WP 6.6
Fixed – Security update on wp-login.php and login.php

= 8.0.06 =

Update – Compatibility with WordPress 6.5.5
Update – Added the option to immediately block a wrong username in Brute Force
Update – Sub-option layouts
Fixed – File Permission check to receive the correct permissions when is set stronger than required
Fixed – Hide login.php URL when hide default login path
Fixed – Small bugs

= 8.0.05 =

Update – Added more path in Frontend Test to make sure the settings are okay before confirmation
Fixed – Compatibility with Wordfence to not remove the rules from htaccess
Fixed – Filter words in 8G Firewall that might be used in article slugs
Fixed – Trim error in cookie when main domain cookie is set
Fixed – Login header hooks to not remove custom login themes

= 8.0.03 =

Fixed – isPluginActive check error when is_plugin_active is not yet declared
Fixed – Disable clicks and keys to work without jQuery
Fixed – Compatibility with Wordfence scan process

= 8.0.02 =

Fixed – Show error messages in Temporary login when a user already exists
Fixed – Temporary users to work on WP Multisite > Subsites

= 8.0.01 =

Fixed – Login security when Elementor login form is created and Brute Force is active
Fixed – Login access when member plugins are used for login process
Fixed – Firewall warning on preg_match bot check in firewall.php

= 8.0.00 =

Update – Added Country Blocking & Geo Security feature
Update – Added Firewall blacklist by User Agent
Update – Added Firewall blacklist by Referrer
Update – Added Firewall blacklist by Hostname
Update – Added ‘Send magic link login’ option in All Users user row actions on Hide My WP Advanced Pack plugin
Update – Added the option to select the level of access for an IP address in whitelist
Removed – Mysql database permission check as WordPress 6.5 handles DB permissions more secure
Moved – Firewall section was moved to the main menu as includes more subsections
Fixed – 8G Firewall compatibility with all page builder plugins

= 7.3.05 =

Update – Compatibility with WPEngine rules on wp-admin and wp-login.php
Update – New Feature added “Magic Login URL” on Hide My WP Advanced Pack plugin
Update – Search option in Hide My WP > Overview > Features
Update – Send Temporary Logins in Events log
Fixed – Prevent firewall to record all triggered filters as fail attempts
Fixed – Remove filter on robots when 8G firewall is active
Fixed – Frontend Login Check popup to prevent any redirect to admin panel in popup test
Fixed – Prevent redirect the wp-admin to new login when wp-admin path is hidden
Fixed – Don’t show Temporary Logins & 2FA in main menu when deactivated

= 7.3.03 =

Update – 8G Firewall on User Agents filters
Update – Compatibility with WP 6.5.3
Update – Load the options when white label plugin is installed
Fix – Restore settings error on applying the paths
Fix – Prevent redirect the wp-admin to new login when wp-admin path is hidden

= 7.3.01 =

Update – Added translation in more languages like Arabic, Spanish, Finnish, French, Italian, Japanese, Dutch, Portuguese, Russian, Chinese
Fix – ‘wp_redirect’ when function is not yet declared in brute force
Fix – ‘wp_get_current_user’ error in events log when function is not yet declared

= 7.3.00 =

Update – Added the option to detect and fix all WP files and folders permissions in Security Check
Update – Added the option to fix wp_ database prefix in Security Check
Update – Added the option to fix admin username in Security Check
Update – Added the option to fix salt security keys in Security Check
Update – Layout and Fonts to integrate more with WordPress fonts
Update – 7G & 8G firewall compatibility to work with more WP plugins and themes
Fix – “wp_get_current_user” error in events log when function is not yet declared

= 7.2.07 =

Update – Added the option on Apache to insert the firewall rules into .htaccess
Fixed – Screen 120dpi display layout
Fixed – Hide reCaptcha secret key in Settings

= 7.2.06 =

Update – Added the 8G Firewall filter
Update – Added the option to block the theme detectors
Update – Added the option to block theme detectors crawlers by IP & agent
Update – Added compatibility with Local by Flywheel
Update – Firewall loads during WP load process to work on all server types
Fixed – Load most firewall filters only in frontend to avoid compatibility issues with analytics plugins in admin dashboard
Fixed – Avoid loading recaptcha on Password reset link
Fixed – Avoid blocking ajax calls on non-admin users when the Hide wp-admin from non-admin users is activated

= 7.2.05 =

Update – Added the option ot manage/cancel the plan on Hide My WP Cloud
Fixed – Custom login path issues on Nginx servers
Fixed – Issues when the rules are not added correctly in config file and need to be handled by HMWP
Fixed – Don’t change the admin path when ajax path is not changed to avoid ajax errors

= 7.2.04 =

Compatibility with WP 6.5
Update – Compatibility with CloudPanel & Nginx servers
Fixed – Warning in Nginx for $cond variable

= 7.2.03 =

Compatibility with PHP 8.3 & WP 6.4.3
Update – Compatibility with Hostinger
Update – Compatibility with InstaWP
Update – Compatibility with Solid Security Plugin (ex iThemes Security)
Update – Added the option to block the API call by rest_route param
Update – Added new detectors in the option to block the Theme Detectors
Update – Security Check for valid WP paths
Fixed – Don’t load shortcode recapcha for logged users
Fixed – Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers
Fixed – Issue on change paths when WP Multisite with Subcategories
Fixed – Hide rest_route param when Rest API directory is changed
Fixed – Multilanguage support plugins
Fixed – Small bugs & typos

= 7.2.02 =

Update – Add shortcode on BruteForce “hmwp_bruteforce” for any login form
Update – Add security schema on ssl websites when changing relative to absolute paths
Update – Compatibility with WP 6.4.2 & PHP 8.3
Fixed – Change the paths in cache files when WP Multisite with Subdirectories
Fixed – Small bugs in rewrite rules

= 7.2.01 =

Update – Compatibility with WP 6.4.1 & PHP 8.3
Update – The Frontend Check to check the valid changed paths
Update – The Security Check to check the plugins updated faster and work without error with Woocommerce update process
Update – Compatibility with Solid Security Plugin (ex iThemes Security)
Update – Hidden wp-admin and wp-login.php on file error due to config issue
Update – Hide rest_route param when Rest API directory is changed
Update – Add emulation for Drupal 10 and Joomla 5
Fixed – Hide error when there are invalid characters in theme/plugins directory name
Fixed – Small bugs

= 7.2.00 =

Update – Compatibility with WP 6.3.2
Update – Added the 2FA feature with both Code Scan and Email Code
Update – Added the option to add random number for static files to avoid caching when users are logged to the website
Fixed – Added the option to pass the 2FA and Brute Force protection when using the Safe URL
Fixed – Tweaks redirect for default path wasn’t saved correctly
Fixed – Small Bugs

= 7.1.17 =

Fixed – File extension blocked on wp-includes when WP Common Paths are activated
Fixed – Remove hidemywp from file download when the new paths are saved

= 7.1.16 =

Update – Compatibility with WP 6.3.1
Update – Compatibility with WPML plugin
Update – Security on Brute Force for the login page
Fixed – Small Bugs

= 7.1.15 =

Update – Compatibility with WP 6.3
Update – Security Check Report for debugging option when debug display is set to off
Update – Security Check Report for the URLs and files to follow the redirect and check if 404 error

= 7.1.13 =

Update – Compatibility with more 2FA plugins
Update – Compatibility with ReallySimpleSSL

= 7.1.12 =

Update – Compatibility with more 2FA plugins

= 7.1.11 =

Update – Json Response using WP functions
Update – Check the website logo on Frontend Check with custom paths
Fixed – Loading icon on settings backup
Fixed – Small bugs

= 7.1.10 =

Update – Compatibility with WP 6.2.2
Fixed – Update checker to work with the latest WordPress version
Fixed – Hide wp-login.php path for WP Engine server with PHP > 7.0

= 7.1.08 =

Update – Added the user role “Other” for unknown user roles
Update – Sync the new login with the Cloud to keep a record of the new login path and safe URL

= 7.1.07 =

Update – Compatibility with WPEngine hosting
Update – Compatibility with WP 6.2.1
Fixed – Loading on defaut ajax and json paths when the paths are customized
Fixed – Compatibility issues with Siteground when Ewww plugin is active
Fixed – To chnage the Sitegroud cache on Multisite in the background

= 7.1.06 =

Update – Compatibility with Siteground
Update – Compatibility with Avada when cache plguins are enabled

= 7.1.05 =

Update – Add compatibility for Cloud Panel servers
Update – Add the option to select the server type if it’s not detected by the server
Fixed – Remove the rewrites from WordPress section when the plugin is deactivated
Fixed – User roles names display on Tweaks

= 7.1.04=

Update – File processing when the rules are not set correctly
Update – Security headers default values
Fixed – Compatibilities with the last versions of other plugins
Fixed – Reduce resource usage on 404 pages from version 7.1.03 = 7.1.02 (24 Apr 2023) =
Update – Compatibility with other plugins
Update – UI & UX to guide the user into the recommended settings
Update – Compatibility with WP User Manager plugin
Update – Security in Brute force option to work with more plugins
Update – Compatibility with Ewww Image Optimizer plugin CDN option
Fixed – Increased plugins speed on compatibility check
Fixed – Common paths extensions check in settings

= 7.0.15 =

Update – Add the option to check the frontend and prevent broken layouts on settings save
Fixed – My account link on multisite option

= 7.0.14 =

Update – Compatibility with WP 6.2
Update – Added the option to whitelist URLs
Update – Added the sub-option to show a white-screen on Inspect Element for desktop
Update – Added the options to hook the whitelisted/blacklisted IPs
Fixed – small bugs / typos / UI

= 7.0.12 =

Compatibile with WP 6.2
Fixed – Handle the physical custom paths for wp-content and uploads set by the site owner
Fixed – Compatibility with more plugins and themes

= 7.0.11 =

Update – Remove the atom+xml meta from header
Update – Save all section on backup restore

= 7.0.10 =

Update – Remove the noredirect param if the redirect is fixed
Update – Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified
Update – Check the rewrite rules on WordPress Automatic updates too
Fixed – To remove the version from URL even if the ‘ver’ param doesn’t have any value
Fixed – Typo in Security Check

= 7.0.05 =

Update – Fix login path on different backend URL from home URL

= 7.0.04 =

Update – Compatibility with WP 6.1
Update – Add More security to XML RPC
Update – Add GeoIP flag in Events log to see the IP country
Update – Compatibility with LiteSpeed servers and last version of WordPress

= 7.0.03 =

Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Fixed – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fixed – White screen on iphone > safari when disable inspect element option is on

= 7.0.02 =

Update – Add the Brute Force protection on Register Form to prevent account spam
Update – Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins
Update – Compatibility with LiteSpeed servers and last version of WordPress
Update – Compatibility with FlyingPress by adding the hook for fp_file_path on critical CSS remove process
Fixed – Remove the get_site_icon_url hook to avoid any issue on the login page with other themes
Fixed – Compatibility with ShortPixel webp extention when Feed Security is enabled
Fixed – Fixed the ltrim of null error on PHP 8.1 for site_url() path
Fixed – Disable Inspect Element on Mac for S + MAC combination and listen on Inspect Element window

= 7.0.01 =

Update – Added Temporary Login feature
Fixed – Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2

= 6.0.24 =

Update – Add Custom Emulator in the website header
Update – Add Joomla 4 CMS emulator

= 6.0.23 =

Update – Compatibility with the last version of Flywheel including Redirects
Fix – Don’t show brute force math error for pages where the Brute Force is not loaded
Fix – Compatibility with Breakdance plugin
Fix – Fixed the ltrim of null error on PHP 8.1 for site_url() path

= 6.0.22 =

Fix – URL Mapping for Nginx servers to prevent 404 pages
Fix – PHP error in Security Check when the X-Powered-By header is not string
Fix – Compatibility with Wp-Rocket last version
Fix – infinite loop in admin panel

= 6.0.20 =

Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – New feature added to automatically redirect the logged users to the admin dashboard
Fixed the hidden URLs process
Fixed the site_url() and home_url() issue when they are different
Add compatibility with WordPress 6.0

= 6.0.19 =

Update – Add compatibility with Elementor Builder plugin for WP Multisite
Update – Tested/Update Compatibilities with more themes and plugins

= 6.0.18 =

Add compatibility with LiteSpeed webp images
Update – Update Compatibilities
Fix – Small Bugs

= 6.0.16 =

Update – Added compatibility with Backup Guard Plugin
Update – Prevent affecting the cron processes on Wordfence & changing the paths during the cron process
Update – Change the WP-Rocket cache files on all subsites for WP Multisite
Update – Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain
Fixed the Change Paths for Logged Users issue

= 6.0.15 =

Update – Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection
Update – Fixed the menu hidden issue when other security plugins are active
Update – Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated
Update – Compatibility with Buy Me A Cofee plugin
Fixed – Library loading ID in HMWP Ghost

= 6.0.14 =

Update – Security & Compatibility
Update – Compatibility with Namecheap hosting
Update – Compatibility with Ploi.io
Fixed – Removed the ignore option from Nginx notification
Fixed – The Security check on install.php and upgrade.php files
Fixed – The Restore to default to remove the rules from the config file

= 6.0.13 =

Update – Added new option in Login Security: Hide the language switcher option on the login page
Update – Compatibility with WordPress 5.9
Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with WPS Hide Login
Fix – Popup issue when Safe Mode or Ghost Mode is selected and other plugins are modifying the bootstrap javascript
Fix – 404 error on WordPress upgrade when access the file upgrade.php for logged users
Fix – Brute Force blocking Wordfence Cron Job

= 6.0.12 =

Update – Compatibility with Smush plugin
Update – Compatibility with WordPress 5.8.3
Update – Compatibility with Wordfence 2FA when reCaptcha is active
Fix – Infinit loop when POST action on unknown paths

= 6.0.11 =

Update – Added the Ctrl + Shift + C restriction when Inspect Element option is active
Update – Added the features text for translation
Update – Removed the WordPress title tag from login/register pages
Update – Added the option to ignore the notifications and avoid repeating alerts
Fix – Remove the login URL from the logo on the custom login page
Fix – Set Filesystem to direct connection for file management

= 6.0.10 =

Update – Added Permissions-Policy & Referrer-Policy default security headers
Update – Added the option to disable Right-Click for logged users and user roles
Update – Added the option to disable Inspect Element for logged users and user roles
Update – Added the option to disable View Source for logged users and user roles
Update – Added the option to disable Copy/Paste for logged users and user roles
Update – Added the option to disable Drag/Drop for logged users and user roles
Fix – Whitelist and Blacklist error messages in Brute Force when no IP was added
Fix – Typos in HMWP Ghost plugin

= 6.0.09 =

Fix – Remove Sitemap style from Yoast, Rank Math, XML Sitemap on Nginx servers when the option Change Paths in Sitemaps XML is active
Update – Compatibility with Wordfence Security Scan when the wp-admin is hidden
Update – Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin
Update – Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin
Update – Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers

= 6.0.08 =

Update – Compatibility with Nitropack
Update – Compatibility with OptimizePress Dashboard
Update – Change the Plugin Name on update check success message
Update – Compatibility with Bricks Builder
Update – Compatibility with Zion Builder
Fix – Compact the frontend scripts for removing right click and keys
Fix – Add links to the Change Paths page from Security Check

= 6.0.07 =

Update – Select the WordPress common files you want to hide
Update – Add the option to block comments that may lead to spam
Update – Removed Plugins Section from Settings
Update – Removed any affiliate links from the plugin
Update – Compatibility with MainWP
Update – Compatibility with Limit Login Attempts Reloaded
Update – Compatibility with Loginizer
Update – Compatibility with Shield Security
Update – Compatibility with iThemes Security
Fix – Login & Logout redirects for Woocommerce
Fix – Don’t show the rewrite alert messages if nothing was changed in HMWP

= 6.0.06 =

Update – Update the White Label options to remove plugin name, and author while the plugin is active
Fix – Added handle when the plugin is not installed correctly
Fix – Avoid changing the cache in the paths like plugins and themes and broke the website

= 6.0.05 =

Update – Add the option to hide the wp-admin path for non-admin users
Update – Advanced Text Mapping to work with Page Builders in admin
Update – Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins
Update – Translate the plugin in more languages
Update – Select the cache directory if there is a custom cache directory set in the cache plugin
Update – Show the change in cache files option for more cache plugins
Fixed – Showing the old paths on unfound files
Fixed – Not load the Click Disable while editing with Page Builders

= 6.0.04 =

Update – Use WordPress filesystem for all file actions
Fixed – Rewrite built on custom register and lostpassword path
Fixed – wp_ previx detection in Website Security Check
Fixed – plugin typos & translations

= 6.0.03 =

Update – Added compatibility with JCH Optimize 3 plugin
Update – Added compatibility with Oxygen 3.8 plugin
Update – Added compatibility with WP Bakery plugin
Update – Added compatibility with Bunny CDN plugin
Update – Update compatibility with Manage WP plugin
Update – Update compatibility with Autoptimize plugin
Update – Update compatibility with Breeze plugin
Update – Update compatibility with Cache Enabler plugin
Update – Update compatibility with CDN Enabler plugin
Update – Update compatibility with Comet Cache plugin
Update – Update compatibility with Hummingbird plugin
Update – Update compatibility with Hyper Cache plugin
Update – Update compatibility with Litespeed Cache plugin
Update – Update compatibility with Power Cache plugin
Update – Update compatibility with W3 Total Cache plugin
Update – Update compatibility with WP Fastest Cache plugin
Update – Update compatibility with iThemes plugin
Update – Added compatibility with Hummingbird Performance plugin
Fix – Small Bugs

= 6.0.00 =

Update – A new UI for Hide My WP Ghost
Update – Compatibility with more plugins and themes
Update – Added new Features: Disable Right Clicks, Copy-Paste, Drag-Drop, View-Source
Feature Update: Select User Role for Hide Admin Toolbar option
Feature Update: Get Events User report from Cloud directly in the plugin
Feature Update: Select Quick Text Mapping from WP Common Classes

Hide WordPress Website From Wappalyzer

8 Comments

WordPress is one of the safest content management system online. Developers at this company keep on updating the security parameters to address potential vulnerabilities.

However; we cannot be completely sure that no one can track your data on this platform. There are so many insecure plugins and themes that can be tracked by hackers around the world.

(more…)

Hide My WP Ghost and CDN Enabler

2 Comments

Hide My WP Ghost is compatible with CDN Enabler. You can easily add CDN service from bunnycdn.com to work with the new paths from Hide My WP Ghost plugin.

Please follow these steps in order to work correctly:

1. Switch ON the option in Hide My WP > Advanced > Late Loading

(more…)

How Do I Know If My Website Is Hidden from Detectors & Hackers

Make sure you follow the setup instructions:
Lesson 3 – How to Hide Your Site From WordPress Theme Detectors & Hackers Bots

(more…)

Setup Hide My WP Ghost on Nginx Server

3 Comments

No nginx.conf file access?

If you have a sharing hosting service, you can follow this tutorial and use only the features that don’t need rewrite rules in nginx.conf file:
https://hidemywpghost.com/how-to-use-hide-my-wp-ghost-with-nginx-hosting-without-editing-config-files/

Please follow this tutorial step by step to set up the Hide My WP Ghost for Nginx server:

In your WordPress dashboard, go to Hide My WP > Change Paths
Select the Safe Mode or Ghost Mode, scroll down and customize the paths as you like

Click the Save button to save the changes.
You will see a message to include the configuration file into nginx.conf file.

If your server is a Linux server, the main path to the nginx.conf file is /etc/nginx/nginx.conf (or /etc/nginx/conf/nginx.conf if you’re using Arch Linux). If the server is a Windows server your nginx.conf file will be located at C:/nginx/conf/nginx.conf)

If your nginx doesn’t have sites-enabled option activated (check for sites-enabled subdirectory in the same directory with nginx.conf file), you will find the server configuration in nginx.conf file like in the below example:

server {
        server_name [your domain name];
        root [path to the website root];
        index index.php;

        location / {
                try_files $uri $uri/ /index.php?$args;
        }

}

(more…)

Hide All The WordPress Common Files with Hide My WP Ghost

2 Comments

What Hide My WordPress Ghost can do:

You can set the Ghost mode to hide all the main WordPress paths:

wp-content
wp-includes
wp-content/uploads
wp-content/plugins
wp-content/themes
wp-comments-post.php
author
wp-json
wp-login.php, wp-login, login
wp-admin
and all the plugins and themes names
show forbidden error for all the old paths and let only the new paths
custom URLs using the URL Mapping feature

(more…)

Set Hide My WP Ghost For Bitnami Servers

#1 Bitnami Setup for Apache Servers

Step1: Install, Setup Hide My WP Ghost Plugin and click the Save button with the new paths.

Step2: Copy the rewrite rules from Hide My WP Ghost into Bitnamy config file

Bitnami uses “htaccess.conf” files by default instead of “.htaccess” files for security and performance reasons. You can find more info at https://docs.bitnami.com/general/apps/redmine/administration/use-htaccess/

(more…)

Configure Hide My WP Ghost On Nginx Web Server With Virtual Private Server

2 Comments

Setting Hide My Wp Ghost on a Nginx server it’s pretty easy.

Nginx stores its configuration files in the “/etc/nginx” directory.

Inside of this directory, you will find a few directories and various modular configuration files:

cd /etc/nginx
ls -F

(more…)

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.