Descriere

Level up your WordPress security with WP Ghost plugin!

WP Ghost (short for Hide My WP Ghost) is a comprehensive hack-prevention security solution for WordPress websites. It adds multiple layers of security to block hacker bots and prevent unauthorized access.

It works by changing and hiding common vulnerabilities, making it difficult for bots and hackers to exploit weak points in plugins, themes, and the WordPress core itself.

Join over 200,000 secured websites with WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks.

Key features include powerful protection against:

Brute Force Attacks

SQL Injection Attacks

Atacuri cu injectare de script

Vulnerability Exploit

Malware Injection

XML-RPC attacks

File Inclusion Exploits

Directory Traversal Attacks

Default WP Paths Exploits

Cross-Site Scripting (XSS)

Throttling of Access Attempts to Entry Points

și altele

Protect your site today! WP Ghost hides and secures all common paths, plugins and themes from hacker bots and spammers.

YouTube – Why You Must Have Hide My WP

WP Ghost is packed with over 50 security free features:

Change and Hide Paths:

Hide WordPress wp-admin, and show 404 error or a custom page

Hide WordPress wp-login.php, and show 404 error or a custom page

Change the wp-admin and wp-login URLs

Change lost password URL

Change register URL

Change logout URL

Change activation URL

Change admin-ajax URL

Change wp-content URL

Change wp-includes URL

Change uploads URL

Change comments URL

Change author URL

Change plugins URL

Change plugins name

Change themes URL

Change themes name

Personalizează numele fișierului style.css al temei

Change REST API wp-json URL

Change category URL

Change tags URL

Custom login redirects based on user role

Custom logout redirects based on user role

Change URLs from Relative to Absolute

Modifică URL-urile în apelările Ajax

Change URLs for Logged Users

Change URLs in Cache Files

Change paths in Sitemap.xml

Change paths in Robots.txt

Firewall:

Two-factor Authentication By Code (2FA)

Two-factor Authentication By Email (2FA)

Security Headers against XSS & Code Injections

Security Header Strict-Transport-Security

Security Header Content-Security-Policy

Security Header X-XSS-Protection

Security Header X-Content-Type-Options

Security Header X-Frame-Options

Firewall against Script Injections and SQL Injection

7G Firewall Security Filter

8G Firewall Security Filter

Block by IP Addresses

Block by User Agents

Block by Referrers

Block by Hostnames

Hide Website from Theme Detectors

Hide Options:

Hide /wp-admin path

Hide /wp-login path

Hide /login path

Hide REST API wp-json path

Hide Admin Toolbar based on user role

Ascunde ID-urile stil și ID-urile META

Hide WordPress HTML comments

Hide Version and WordPress Tags

Hide DNS Prefetch WordPress link

Hide WordPress Generator Meta

Ascunde antetul RSD (Really Simple Directory)

Hide Emoticons if you don’t use them

Disable Options:

Disable REST API access

Dezactivează accesul XML-RPC

Dezactivează scripturile Embed

Dezactivează depanarea bazei de date în partea din față

Dezactivează scripturile WLW Manifest

Disable Select All – Ctrl+A (Windows and Linux), ⌘+A (macOS)

Disable Copy – Ctrl+C (Windows and Linux), ⌘+C (macOS)

Disable Cut – Ctrl+X (Windows and Linux), ⌘+X (macOS)

Disable Paste – Ctrl+V (Windows and Linux), ⌘+V (macOS)

Disable Save – Ctrl+S (Windows and Linux), ⌘+S (macOS)

Disable Inspect Element/Developer Tool – Ctrl+Shift+I (Windows and Linux), ⌘+⌥+I (macOS)

Disable View Source – Ctrl+U (Windows and Linux), ⌘+U (macOS)

Disable Right Click

Disable Drag-Drop

Disable Image Dragging by Mouse

Disable Text Selection

Disable Directory Browsing

Mapping Text and URLs:

Modifică URL-urile folosind maparea URL

Modifici clasele folosind mapare text

Modifică URL-urile CDN folosind maparea CDN

Modifică căile pentru fișierele cache

Change paths in the Feed link

Modifică căile pentru hărțile site XML

Modifică căile în Robots.txt

Brute Force Protection:

Brute Force Protection with Math reCaptcha

Brute Force Protection with Google reCaptcha V2

Protecție împotriva atacurilor cu forță-brută cu Google reCaptcha V3

Brute Force Protection on Login

Brute Force Protection on Password Lost

Brute Force Protection on Signup

Brute Force Protection on Comment

Brute Force Protection on Woocommerce Login

Brute Force Protection shortcode [hmwp_bruteforce]

Custom attempts, timeout, message

Gestionează IP-urile din lista neagră și lista albă

Extra Features:

Magic Link Login Without Password

Temporary Logins Without Password

Fix relative URLs

Backup and Restore settings

Change classes on source code using Text Mapping

Change URLs on source code using URL Mapping

Cache CSS, JS, and Images to optimize the loading speed

Weekly security checks and reports

Integrations:

Suport pentru WP multi-site

Suport pentru Nginx

Suport pentru IIS

Suport pentru LiteSpeed

Suport pentru Apache

Support for Siteground

Support for WP Engine

Support for AWS Hosting

Support for Inmotion Hosting

Support for Hostgator Hosting

Support for Godaddy Hosting

Support for Host1plus

Support for Payperhost

Support for Fastcomet

Support for Dreamhost

Support for Bitnami Apache

Support for Bitnami Nginx

Support for Google Cloud Hosting

Support for Litespeed Hosting

Support for Flywheels Local

Support for Flywheels Hosting

Support for Ploi Hosting

Support for Namecheap Hosting

Support for RunCloud Hosting

Support for WPEngine Hosting

Support for CloudPanel Hosting

Recommended by Wp Rocket

Recommended by WPML

Premium Security Features (over 70):

WordPress Hardening

Hide WordPress Common Paths by Extension

Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log

Events/Actions Monitoring (Cloud Backup)

Brute Force Monitoring (Cloud Backup)

Geo Security

Country Blocking

Vulnerability Management

Files Permission Fix

Database Prefix Change

SALT Keys Change

Premium Support

and more
Hide My WP Premium Feature

Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS.
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud

Plugins Compatibility updates: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, and more

Compatibility Plugins List: Hide My WP Compatibility Plugins
Compatibility Theme List: Hide My WP Compatibility Themes

WP Ghost changes and hides WP common paths, admin & login paths, plugin paths, and theme paths, protecting your site from hacker bots.

Note! No files or directories are physically altered. All changes are implemented through server rewrite rules, ensuring no impact on SEO or loading speed.

The plugin works with other security plugins and adds a layer of security to your WordPress website against hacker bots.

Check the Demo Website source code:
https://demo.wpghost.com/
(the elementor is changed in files and classes)

Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpghost.com/wp-admin
https://demo.wpghost.com/wp-login

Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpghost.com/wp-content
https://demo.wpghost.com/wp-content/plugins
https://demo.wpghost.com/wp-content/themes

Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.

De obicei, securitatea site-urilor WordPress este în fruntea listei de preocupări pentru proprietarii de site-uri noi și cu experiență.

For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.

Is your website secure? Check your website with Free Website Security Check

Îți protejează site-ul WordPress ascunzând căile de autentificare, cum ar fi wp-admin, wp-login.php, login, wp-signup.php și modifică căile comune WordPress, cum ar fi wp-content, wp-include, uploads și altele.

Being able to protect the common paths is critical because you get to keep hacker bots away from sensitive website data.

Acest lucru este crucial și îți va oferi o experiență excelentă și rezultate foarte bune pe termen lung.

It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.

If you don’t protect yourself, you will end up having a hacked website sooner or later.

Aceasta este o versiune gratuită a modulului, deci poți utiliza modulul pe toate site-urile, fără nicio restricție.

Secure your website in just minutes with the WP Ghost plugin. Protect your WordPress site against hacker bots and spammers!

Please support us and translate the plugin in your language:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp

Thank you all for your trust, support, and positive reviews!

Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin.

Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?

Capturi ecran

Hide My WP > Change Paths > Level Of Security
Hide My WP > Change Paths > Admin Security
Hide My WP > Change Paths > Login Security
Hide My WP > Change Paths > Core Security
Hide My WP > Change Paths > API Security
Hide My WP > Firewall > 8G Firewall
Hide My WP > Brute Force > reCaptcha Protection
Hide My WP > Two Factor > 2FA Login
Hide My WP > Mapping > Text Mapping
Hide My WP > Mapping > URL Mapping
Hide My WP > Tweaks > Hide Options
Hide My WP > Tweaks > Redirect Options
Hide My WP > Temporary Login > Logins
New Login Path /newlogin
Old Login Path shows 404 Error /wp-login.php
Old Admin Path shows 404 Error /wp-admin
New custom core paths changed with Hide My WP Ghost

Instalare

Manually install the WP Ghost Lite plugin:
Step 1. Log In as an Administrator on your WordPress dashboard.
Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab.
Step 3. Click on the Upload Plugin button from the top of the page.
Step 4. Click to browse and upload the hide-my-wp.zip file.
Step 5. After the upload, click the Activate Plugin button to activate the plugin.
Step 6. From the plugins list, click on the Settings link to go to plugin’s settings.
Step 7. Connect the plugin using your email address to get an instant free access token.
Step 8. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/
Enjoy!

Install the WP Ghost Lite directly from the WordPress directory:
Step 1. Log In as an Administrator on your WordPress dashboard.
Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab.
Step 3. Search for ‘WP Ghost’.
Step 4. After the plugin is shown, lick the Activate Plugin button to activate the plugin.
Step 5. From the plugins list, click on the Settings link to go to plugin’s settings.
Step 6. Connect the plugin using your email address to get an instant free access token.
Step 7. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/
Enjoy!

WP Ghost Knowledge Base:

Întrebări frecvente

Acest modul funcționează pe WP multi-site?

Da, modulul funcționează pe WP multi-site și îl vei configura pentru întreaga rețea.

The plugin also works with Apache, Nginx, IIS, and LiteSpeed servers

Is WP Ghost working on Nginx Server?

Da, modulul funcționează pe servere Nginx și vei fi ghidat pentru redirecționările și setările nginx.conf.

Modulul funcționează și cu servere Apache, IIS și LiteSpeed

Tema site-ului meu nu se încarcă corect după ce modific căile. Ce ar trebui să fac?

This issue is most likely from setting the rewritten rules.

Dacă folosești module pentru cache, asigură-te că ștergi cache-ul după ce salvezi setările WP Ghost.
În cazul în care fișierele .htaccess (pentru apache), nginx.conf (pentru Nginx) sau web. config (pentru IIS) nu pot fi scrise, trebuie să adaugi rescrierile manual.
If you have Nginx server make sure you reload the Nginx after you save the settings.
Dacă tema nu se încarcă bine în continuare, contactează-ne și îți putem configura gratuit modulul.

You can find useful information here: https://wpghost.com/kb/

I forgot the custom login and admin URLs. What now?

Nu intra în panică.

You can still access your site with the Safe URL that was downloaded when you saved the settings

Locked out of my site! I set the plugin, and after I logged out I couldn’t get back in

Rename the plugin directory /wp-content/plugins/hide-my-wp so that the plugins won’t hide the wp-login.php path anymore

Make sure you remember the secure parameter and it will be much easier.

Funcționează WP Ghost pe site-urile WordPress.com?

Din cauza securității Jetpack pe site-ul WordPress.com, WP Ghost nu poate modifica căile de administrare și autentificare.

Dacă ai activat deja Hide My Wp pe WordPress.com, înlătură directorul /wp-content/plugins/hide-my-wp pentru a dezactiva modulul.

Will this plugin work if I don’t have custom permalinks on my site?

No. You need to have custom permalinks set to ‘on’ in Settings > Permalinks.

You will get a notification on the Settings page if something is not set upright.

Ce trebuie să fac înainte de a dezactiva modulul?

It’s better to switch to Default Mode in Settings > Hide My WP.

If you don’t, the plugin will automatically change your site back to the safe URLs and it will tell you what to do if you don’t have write permission for the config files

Acest modul este gratuit?

Yes. The Lite features of the WP Ghost plugin will always be free.

Vom include toate actualizările necesare pentru securitatea WordPress.

To unlock all the features, please visit: WP Ghost – Pricing Plan

Cum setezi modulul pe serverul Nginx?

Te rog urmărește acest tutorial pas-cu-pas pentru a configura WP Ghost pentru serverele Nginx:

Setup WP Ghost on Nginx Server
Configure WP Ghost On Nginx Web Server With Virtual Private Server

Install WP Ghost on Kinsta Server
Install WP Ghost on RunCloud Server
Install WP Ghost on WPMUDEV Server
Install WP Ghost on Ploi.io Server
Install WP Ghost on Flywheel Server
Install WP Ghost on Amazon AWS Lightsail Server

How to Hide Your Site From WordPress Theme Detectors?

Modificarea căilor comune WordPress nu va garanta că CMS-ul WordPress este complet ascuns.

Căile vechi sunt încă accesibile și hackerii pot să injecteze SQL și Javascript în modulele și temele instalate care sunt vulnerabile.

Acest modul este suficient pentru a-mi proteja site-ul de toți hackerii?

The Free version of WP Ghost will not protect you from all hacker attacks. For extra security you need the premium version.

WP Ghost hides all the common paths and patterns used but bots to detect that you are using WordPress.

How Can I Change The WP Paths In Admin Dashboard?

By default, WP Ghost changes the paths only in frontend.

We don’t recommend this but if you want to change the path also in the admin dashboard, add this line in wp-config.php file

define('HMW_ALWAYS_CHANGE_PATHS', true);

Save the settings in WP Ghost and the WordPress paths will be changed in admin backend area.

Why The New Admin Path Is Redirected To Front Page?

By default, when you set WP Ghost plugin in Lite Mode, you can login only with the new login path.

To activate the option to access the new admin path and to be redirected to the new login path, do this:

Switch OFF the option WP Ghost > Change Paths > Admin Security > Hide the New Admin Path

Once you switch off the option and save the settings, when you access the new admin path, it will redirect to the new login path.

Customize Paths in WP Ghost

Recenzii

arsl1 11 februarie 2025 1 răspuns

It’s been more than a week of trying out the WP Ghost plugin. I even purchased WP Ghost Pro, only to learn from the plugin’s support adviser, Peter, that this plugin isn’t actually meant for obscuring WooCommerce (mentioned indirectly!). I’m giving zero stars for the support from Peter—there’s basically no help offered and they insist WP Ghost is 100% faultless without ever considering potential conflicts with themes or other plugins. I’m giving two stars for the plugin itself because it does work, but it doesn’t obscure everything, and using WP Ghost (Pro) to rewrite CSS/JS can make WordPress sluggish.

emmecappa 26 noiembrie 2024

Useful plugin

pplucay 23 octombrie 2024

I’m very happy with this plugin, the free version is good, but the premium version is impecable, excellent. If you are doing a business project in internet, and you want to protect your website, this is the plugin. As a business owner I find buying the premium plugin is worth. And the support members of the plugins answer your question in less than a day, and even help you personally. Be safe with this plugin. Pedro L, Chile.

risoneto 7 septembrie 2024 1 răspuns

I’ve been using Hide My WP Ghost for several months now, and it has truly enhanced the security of my WordPress site. The setup process was straightforward, and the plugin provides comprehensive protection by hiding common vulnerabilities. What I love most is how it seamlessly integrates with other security measures without causing any conflicts. The customer support is also top-notch, always ready to assist with any questions. If you’re serious about keeping your site secure, this plugin is a must-have. Highly recommended!

daro2013 3 august 2024

Many thanks

daniellacatus 2 august 2024

After trying various security plugins for my WordPress sites, I decided to stick with Hide My WP Ghost – Security & Firewall, and I am extremely satisfied with this choice. This plugin has proven to provide comprehensive and efficient protection, allowing me to abandon all other security solutions I used to rely on.

Citește toate cele 358 de recenzii

Contributori și dezvoltatori

„WP Ghost (Hide My WP Ghost) – Security & Firewall” este un software open-source. La acest modul au contribuit următoarele persoane.

John Darrel

„WP Ghost (Hide My WP Ghost) – Security & Firewall” a fost tradus în 4 locale. Mulțumim traducătorilor pentru contribuția lor.

Tradu „WP Ghost (Hide My WP Ghost) – Security & Firewall” în limba ta.

Te interesează dezvoltarea?

Răsfoiește codul, vezi depozitarul SVN, sau abonează-te la jurnalul de dezvoltare prin RSS.

Istoric modificări

5.4.01 (06 Ian 2025)

Update – Changed Hide My WP Ghost plugin name with short WP Ghost
Update – WP Ghost comes with a new logo in 2025
Update – More security on REST API for user listing when User Security is activated
Update – Plugin Security and Firewall rules

5.3.02 (08 Nov 2024)

Update – Compatibility with WP 6.7
Update – Add Brute Force for comments form in Brute Force
Update – Translations
Fix – Issue when changing relative to absolute path in javascript
Fix – Root domain regarding multisite with subdomains
Fix – Compatibility with LiteSpeed CDN domains
Fix – Use WordPress function for all parse url
Fix – Activate firewall by default when Lite mode option is selected
Fix – Compatibility with WP Rocket background CSS loader
Fix – Flush changed to config file when some features are activated in Overview section
Fix – Clear cache for Litespeed plugin when changing is made in the Mapping section
Fix – Activate the Text Mapping in CSS and JS files option for hiding class names like elementor or woocommerce

5.3.01 (07 Oct 2024)

Update – Added Hide My WP Advanced Pack in Plugins suggestion
Update – Added Drupal 11 in CMS simulation
Update – Set 404 Not Found error as default option for hidden paths
Update – The files CSS and JS files from WP 6.6 when Clean Login is selected in Advanced > Compatibility
Update – Added the option to pause the plugin for 5 minutes for testing purposes
Update – Compatibility with WP Rocket Background CSS loader
Update – Map Litespeed cache directory in URL Mapping
Fix – Redirect to homepage the newadmin when user is not logged in
Fix – Remove dynamic CSS and JS when Text Mapping is switched off
Fix – Prevent changing wp-content and wp-includes paths in deep URL location and avoid 404 errors

5.3.00 (20 Sept 2024)

Update – Added New Feature Magic Link Login Without Password in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Code (2FA) in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Email (2FA) in Hide My WP > Overview
Update – Added New Feature Temporary Logins Without Password in Hide My WP > Overview
Update – Compatibility with WP 6.6.2 & 8.3.11
Update – Brute Force compatibility with UsersWP plugin
Update – Cookie set on WP Multisite with subdomains
Update – Brute Force shortcode to work with different login forms
Update – Brute Force shortcode to work with Elementor login form
Fix – Compatibility with Nitrocache
Fix – Compatibility with Squirrly SEO
Fix – Compatibility with Autoptimize
Fix – Compatibility with Woocommerce
Fix – Compatibility with Wordfence
Fix – Security Check on admin url and login url
Fix – Google reCaptcha on frontend popup to load google header if not already loaded
Fix – Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect
Fix – WP Multisite active plugins check to ignore inactive plugins
Corecție – mici erori

5.2.04 (07 July 2024)

Fix – Compatibility with WP 6.6
Fix – Security * Update on wp-login.php and login.php

5.2.03 (04 July 2024)

Update – Added the option to hide the new login path on redirects
Update – Hide login.php path together with wp-login.php path from being redirect to the new login
Update – File permissions check in Security Check to check htaccess and login paths
Corecție – mici erori

5.2.02 (19 June 2024)

Update – Added more path in Frontend Test to make sure the settings are okay before confirmation
Update – Firewall message on blocking process when loading on WP initialization
Update – Compatibility with Wordfence to prevent rewrite rules * Update on security scan
Update – Language translation and typos fixed
Update – Disable click and keys to work without jQuery
Update – Added the option to immediately block a wrong username in Brute Force
Update – Sub-option layouts
Fix – Trim error in cookie when main domain cookie is set
Fix – Filter words in 8G Firewall that might be used in article slugs

5.2.01 (04 June 2024)

Update – Added Firewall blacklist by User Agent
Update – Added Firewall blacklist by Referrer
Update – Added Firewall blacklist by Hostname
Update – Added the option to select the level of access for an IP address in whitelist
Removed – Mysql database permission check as WordPress 6.5 handles DB permissions more secure
Moved – Firewall section was moved to the main menu as includes more subsections
Fix – 8G Firewall compatibility with all page builder plugins
Fix – preg_match warning on firewall.php when checking search engine bots
Fix – Firewall saving process for Whitelist and Blacklist features
Fix – Login access when member plugins are used for login process

5.1.03 (20 May 2024)

Update – Compatibility with WP 6.5.3
Update – Compatibility with WPEngine rules on wp-admin and wp-login.php
Update – Add whitelist paths feature
Update – Select the Whitelist level for IPs and Paths
Fix – Prevent firewall to record all triggered filters as fail attempts
Fix – Remove filter on robots when 8G firewall is active
Fix – Frontend Login Check popup to prevent any redirect to admin panel in popup test
Fix – Prevent redirect the wp-admin to new login when wp-admin path is hidden
Fix – Prevent blocking login page on password protection page when the login path is set by another plugin

5.1.02 (30 Apr 2024)

Update – Security Check verifies the firewall against SQL & Script injection and weak usernames
Update – Font-sizes and layouts
Update – Add support to MyList theme
Update – 7g & 8G firewall to match more WP actions and compatibility with more plugins

5.1.01 (10 Apr 2024)

Update – Added the 8G Firewall filter
Update – Added the required header security for Apache and Nginx
Update – Added the option to block the theme detectors
Update – Added the option to block theme detectors crawlers by IP & agent
Update – Added the option to simulate CMSs like Drupal & Joomla
Update – Added the option on Apache to insert the firewall rules into .htaccess
Fix – Load Firewall on all server types only in frontend to avoid functionality issues in backend
Fix – Avoid loading recaptcha on Password reset link
Fix – Screen 120dpi display layout
Fix – Hide reCaptcha secret key in Settings

5.0.29 (19 Mar 2024)

Update – Compatibility with WP 6.5
Update – Compatibility with CloudPanel & Nginx servers
Update – Compatibility with WordFence scanning
Fix – Hide rest_route only for visitors to avoid errors with builders

5.0.28 (14 Feb 2024)

Compatibility with PHP 8.3 and WP 6.4.3
* Update – Compatibility with Hostinger
* Update – Compatibility with InstaWP
* Update – Compatibility with Solid Security Plugin (ex Solid Security)
* Update – Added the option to block the API call by rest_route param
* Update – Added new detectors in the option to block the Theme Detectors
* Update – Security Check for valid WP paths
* Fix – Don’t load shortcode recapcha for logged users
* Fix – Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers
* Fix – Issue on change paths when WP Multisite with Subcategories
* Fix – Hide rest_route param when Rest API directory is changed
* Fix – Multilanguage support plugins
* Fix – Small bugs & typos

5.0.27 (18 Oct 2023)

Update – Compatibility with WP 6.4.1 & PHP 8.3
Update – Option to create a random suffix number instead of the version number to prevent caching on static files in admin
Fix – Default redirect URL in Tweaks > Redirects
Update – Compatibility with MainWP Server-Client
Update – Compatibility with WPML plugin
Update – Hide rest_route param when Rest API directory is changed
Fix – URL query args sanitization when the rewrite rules are not added correctly in config file
Fix – Specify the jQuery on Disable Click feature
Update – Compatibility with Hostinger
Update – Compatibility with InstaWP
Update – Add shortcode on BruteForce [hmwp_bruteforce] for any login form
Fix – Small Bugs

5.0.26 (28 Aug 2023)

Fix – Brute Force Math Recaptcha security
Fix – Compatibility with themes without Brute Force Math Recaptcha

5.0.25 (23 Aug 2023)

Fix – Paths change in feed for logos and links
Fix – Security Check report
Fix – Improved security on login
Fix – Typos & Bugs

5.0.24 (03 July 2023)

Update – Frontend Test to check and show the not found links
Update – Add compatibility with 2FA and Two-Factor plugins for two factor authentication
Update – Add Compatibility with FlyingPress & WPFrontendAdmin
Update – WP functions and notifications for PHP 8.2 compatibility
Update – Add new key combinations in HMWP disable inspect element and view source
Fix – Prevent login redirect when the prevent slowing website is activated

5.0.23 (29 May 2023)

Update – Add the option to connect to the custom login path from Cloud
Update – Compatibility with WP 6.2.2
Fix – Typos and small bugs

5.0.22 (16 May 2023)

Update – Add compatibility for Cloud Panel servers
Update – Add compatibility for CMP Coming Soon & Maintenance Plugin by NiteoThemes plugin
Update – Add the option to select the server type if it’s not detected by the server
Update – Add the option to add the rules between the WordPress rewrite rules on Apache/Litespeed servers
Update – Compatibility with SiteGround
Update – Compatibility with Avada when cache plugins are enabled
Fix – Remove the rewrites from WordPress section when the plugin is deactivated
Fix – User roles names display on Tweaks
Fix – Combined the Plugin Loading Hook into one option

5.0.20 (03 May 2023)

Update – File processing when the rules are not set correctly
Update – Security headers default values
Fix – Compatibilities with the last versions of other plugins
Fix – Reduce resource usage on 404 pages

5.0.19 (23 Apr 2023)

Update – Brute Force protection on lost password form
Update – Brute Force protection on Woocommerce (login, signup, lost passowrd)
Update – Compatibility with MemberPress plugin
Fix – My account link on multisite option
Fix – Settings to verify the array values on settings saving process
Fix – Small Bugs

5.0.18 (03 Mar 2023)

Update – Compatibility with WP 6.2
Update – Compatibility with more plugins and themes
Update – Security check when wp-content is customized
Update – File handle for login, signup, logout
Update – Compatibility with PHP 8.2
Update – Remove the atom+xml meta from header
Update – Remove the noredirect param if the redirect is fixed
Update – Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified
Update – Check the rewrite rules on WordPress Automatic updates too
Update – Add the option to disable HMWP Ghost custom paths for the whitelisted IPs
Update – Save all section on backup restore
Update – Add the option to remove the sitemap style as a separate option from changing the paths in Sitemap.

5.0.17 (19 Dec 2022)

Update – Compatibility with WP 6.1
Update – Remove the noredirect param if the redirect is fixed
Update – Update the verification of the XML and TXT URI
Update – Get the correct login URL when backend URL is different from frontend URL
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – White screen on iphone > safari when disable inspect element option is on
Fix – To remove the version from URL even if the ‘ver’ param doesn’t have any value
Fix – Typo in Security Check

5.0.16 (21 Oct 2022)

Update – Add the Brute Force protection on Register Form to prevent account spam
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Update – Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins
Update – Compatibility with LiteSpeed servers and last version of WordPress
Update – Compatibility with Breakdance plugin
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – Remove the get_site_icon_url hook to avoid any issue on the login page with other themes
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Fix – Fixed the ltrim of null error on PHP 8.1 for site_url() path

5.0.15 (06 Sept 2022)

Fix – URL Mapping for Nginx servers to prevent 404 pages
Fix – PHP error in Security Check when the X-Powered-By header is not string
Fix – Compatibility with Wp-Rocket last version
Fix – Brute force math issue on woocommerce login when third party woocommerce logins
Fix – Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2

5.0.14 (17 June 2022)

Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with WordPress 6.0
Update – Add the option to automatically redirect to admin when access the login page and the user is logged
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new site is created
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new taxonomy is created
Fix – Brute force math security when the math field is deleted
Fixed the hidden URLs process

5.0.13 (03 May 2022)

Update – Compatibility with WordPress 5.9.3
Update – Compatibility with BackUpWordPress plugin
Update – Compatibility with Themify theme
Fix – Added the URI in the redirected URL
Fix – Compatibility with LiteSpeed cache plugin

5.0.12 (08 Mar 2022)

Update – Added compatibility with Backup Guard Plugin
Update – Prevent affecting the cron processes on Wordfence & changing the paths during the cron process
Update – Change the WP-Rocket cache files on all subsites for WP Multisite
Update – Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain
Update – Compatibility with WordPress 5.9.1
Fix – Change Paths for Logged Users issue
Fix – Show the feature icon in the feature list
Fix – Show all the rewrite paths for WpEngine with PHP >7.4
Fix – Frontend test when the plugins paths are not changed

5.0.11 (22 Feb 2022)

Update – Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection
Update – Fixed the menu hidden issue when other security plugins are active
Update – Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated
Update – Compatibility with Buy Me A Coffee plugin
Fix – Library loading ID in HMWP Ghost

5.0.10 (17 Feb 2022)

Update – Added new option in Login Security: Hide the language switcher option on the login page
Update – Added the option to reset all settings to default
Update – Added the Ctrl + Shift + C restriction when Inspect Element option is active
Update – Added the features text for translation
Update – Added Firewall & Headers option
Update – Added the option to ignore the notifications and avoid repeating alerts
Update – Added the option to disable Right-Click for logged users and user roles
Update – Added the option to disable Inspect Element for logged users and user roles
Update – Added the option to disable View Source for logged users and user roles
Update – Added the option to disable Copy/Paste for logged users and user roles
Update – Added the option to disable Drag/Drop for logged users and user roles
Update – Add the option to hide the wp-admin path for non-admin users
Update – Compatibility with Namecheap hosting
Update – Compatibility with Ploi.io
Update – Compatibility with WordPress 5.9
Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with Advanced Access Manager (AAM) plugin
Update – Compatibility with WPS Hide Login
Update – Compatibility with JobCareer theme
Update – Compatibility with Wordfence Security Scan when the wp-admin is hidden
Update – Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin
Update – Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin
Update – Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers
Update – Compatibility with Nitropack
Update – Compatibility with OptimizePress Dashboard
Update – Compatibility with Bricks Builder
Update – Compatibility with Zion Builder
Update – Compatibility with MainWP
Update – Compatibility with Limit Login Attempts Reloaded
Actualizare – compatibilitate cu Loginizer
Update – Compatibility with Shield Security
Update – Compatibility with iThemes Security
Update – Compatibility with Smush plugin
Update – Compatibility with Wordfence 2FA when reCaptcha is active
Update – Added compatibility with JCH Optimize 3 plugin
Update – Added compatibility with Oxygen 3.8 plugin
Update – Added compatibility with WP Bakery plugin
Update – Added compatibility with Bunny CDN plugin
Update – Update compatibility with Manage WP plugin
Update – Update compatibility with the Autoptimize plugin
Update – Update compatibility with Breeze plugin
Update – Update compatibility with Cache Enabler plugin
Update – Update compatibility with CDN Enabler plugin
Update – Update compatibility with Comet Cache plugin
Update – Update compatibility with the Hummingbird plugin
Update – Update compatibility with Hyper Cache plugin
Update – Update compatibility with the Litespeed Cache plugin
Update – Update compatibility with the Power Cache plugin
Update – Update compatibility with the W3 Total Cache plugin
Update – Update compatibility with WP Fastest Cache plugin
Update – Update compatibility with the iThemes plugin
Update – Added compatibility with Hummingbird Performance plugin
Update – Advanced Text Mapping to work with Page Builders in admin
Update – Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins
Update – Translate the plugin into more languages
Update – Select the cache directory if there is a custom cache directory set in the cache plugin
Update – Show the change in cache files option for more cache plugins
Update – Removed the WordPress title tag from login/register pages
Fix – Brute Force blocking Wordfence Cron Job
Fix – Infinite loop when POST action on unknown paths
Fix – Remove the login URL from the logo on the custom login page
Fix – Set Filesystem to direct connection for file management
Fix – Don’t show the rewrite alert messages if nothing was changed in HMWP

Security:
Two-Factor Authenticator Code
2FA Security
Temporary Login without password
WordPress Security Plugin
Ocultar Mi WP – Plugin de seguridad de WordPress
Ocultar meu WP – Segurança do WordPress
Cacher mon WordPress – Plugin de sécurité WordPress
Verstecken Sie mein WordPress – WordPress Sicherheits-Plugin
Hide My WP – WordPress Security Plugin
Hide WordPress
Security Plugin
Hide My WP free download
Hide wp-login URL

Ghost is not for Obscuring WordPress/WooCommerce

Useful

Highly recommended, best on the solution

Amazing Security Plugin!

Very Powerful Security Plugin

I highly recommend Hide My WP Ghost – Security & Firewall

Descriere

Capturi ecran

Instalare

Întrebări frecvente

Acest modul funcționează pe WP multi-site?

Is WP Ghost working on Nginx Server?

Tema site-ului meu nu se încarcă corect după ce modific căile. Ce ar trebui să fac?

I forgot the custom login and admin URLs. What now?

Locked out of my site! I set the plugin, and after I logged out I couldn’t get back in

Funcționează WP Ghost pe site-urile WordPress.com?

Will this plugin work if I don’t have custom permalinks on my site?

Ce trebuie să fac înainte de a dezactiva modulul?

Acest modul este gratuit?

Cum setezi modulul pe serverul Nginx?

How to Hide Your Site From WordPress Theme Detectors?

Acest modul este suficient pentru a-mi proteja site-ul de toți hackerii?

How Can I Change The WP Paths In Admin Dashboard?

Why The New Admin Path Is Redirected To Front Page?