Hide My WordPress

plugin banner

You can choose to hide the admin URLs and login to increases your wordpress security against hackers and spammers.

Author:WPPlugins - WordPress Security Plugins (profile at wordpress.org)
WordPress version required:4.6
WordPress version tested:6.5
Plugin version:5.0.29
Added to WordPress repository:01-07-2016
Last updated:21-03-2024
Rating, %:90
Rated by:314
Plugin URI:https://wordpress.org/plugins/hide-my-wp/
Total downloads:1 610 574
Active installs:100 000+
plugin download
Click to start download

Hide My WP Ghost is a WordPress Security plugin. It gives you the best security solutions with its powerful and easy-to-use features. Without physically changing any directory or file, Hide My WP Ghost can take your website’s security to the next level.

Over 200.000 secured websites, over 8,000,000 brute force attempts blocked and over 140.000 monthly hacks stopped and counting.

The plugin adds filters and security layers to prevent Scripts and SQL Injections, Brute Force attacks, XML-RPC attacks, XSS, and more.

It changes and hides the WP common paths, plugins, and themes paths offering the best protection against hacker bots attacks.

Note! No file or directory is physically changed. All the changes are made by server rewrite rules without affecting the SEO or the loading speed.

After the common paths are changed, all the common paths are hidden from hackers to protect all the plugins and themes.


YouTube – Why You Must Have Hide My WP

Check the Demo Website source code:
https://demo.wpplugins.tips/
(the elementor is changed in files and classes using the PRO version)

Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpplugins.tips/wp-admin
https://demo.wpplugins.tips/wp-login

Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpplugins.tips/wp-content
https://demo.wpplugins.tips/wp-content/plugins
https://demo.wpplugins.tips/wp-content/themes

The plugin works with other security plugins like Wordfence, iThemes Security, Sucuri and adds a layer of security to your WordPress website against hacker bots.

Hide My WP Ghost is compatible with all servers, hosting services, and also supports WP Multisite.

Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.

Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.

For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.

Is your website secure? Check your website with Free Website Security Check

Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, and wp-login, and change the common WordPress paths like wp-content, wp-includes, uploads, and more.

Hide My WP Ghost is packed with awesome security features:

Hide My WP Ghost (over 40 FREE Security Features):

  • Hide WordPress wp-admin, and show 404 error or a custom page
  • Hide WordPress wp-login.php, and show 404 error or a custom page
  • Change the wp-admin and wp-login URLs
  • Change lost password URL
  • Change register URL
  • Change logout URL
  • Change activation URL
  • Change admin-ajax URL
  • Change wp-content URL
  • Change wp-includes URL
  • Change uploads URL
  • Change comments URL
  • Change author URL
  • Change plugins URL
  • Change plugins name
  • Change themes URL
  • Change themes name
  • Custom themes style.css name
  • Change REST API wp-json URL
  • Change category URL
  • Change tags URL

  • Custom login redirects based on user role

  • Custom logout redirects based on user role

  • Change URLs from Relative to Absolute

  • Change URLs in Ajax calls
  • Change URLs for Logged Users
  • Change URLs in Cache Files
  • Change paths in Sitemap.xml
  • Change paths in Robots.txt

  • Security Headers against XSS & Code Injections

  • Security Header Strict-Transport-Security
  • Security Header Content-Security-Policy
  • Security Header X-XSS-Protection
  • Security Header X-Content-Type-Options
  • Security Header X-Frame-Options
  • Firewall against Script Injections and SQL Injection
  • 7G Firewall Security Filter

Hide Options:

  • Hide /wp-admin path
  • Hide /wp-login path
  • Hide /login path
  • Hide REST API wp-json path
  • Hide Admin Toolbar based on user role
  • Hide style IDs and META IDs
  • Hide WordPress HTML comments
  • Hide Version and WordPress Tags
  • Hide DNS Prefetch WordPress link
  • Hide WordPress Generator Meta
  • Hide RSD (Really Simple Directory) header
  • Hide Emoticons if you don’t use them

Disable Options:

  • Disable REST API access
  • Disable XML-RPC access
  • Disable Embed scripts
  • Disable DB-Debug in Frontend
  • Disable WLW Manifest scripts
  • Disable Select All – Ctrl+A (Windows and Linux), ⌘+A (macOS)
  • Disable Copy – Ctrl+C (Windows and Linux), ⌘+C (macOS)
  • Disable Cut – Ctrl+X (Windows and Linux), ⌘+X (macOS)
  • Disable Paste – Ctrl+V (Windows and Linux), ⌘+V (macOS)
  • Disable Save – Ctrl+S (Windows and Linux), ⌘+S (macOS)
  • Disable Inspect Element/Developer Tool – Ctrl+Shift+I (Windows and Linux), ⌘+⌥+I (macOS)
  • Disable View Source – Ctrl+U (Windows and Linux), ⌘+U (macOS)
  • Disable Right Click
  • Disable Drag-Drop
  • Disable Image Dragging by Mouse
  • Disable Text Selection
  • Disable Directory Browsing

Mapping Text and URLs:

  • Change URLs using URL Mapping
  • Change classes using Text Mapping
  • Change CDN URLs using CDN Mapping
  • Change paths in the cache files
  • Change paths in the Feed link
  • Change paths in the Sitemap XML
  • Change paths in the Robots.txt

Brute Force Protection:

  • Brute Force Protection with Math reCaptcha
  • Brute Force Protection with Google reCaptcha V2
  • Brute Force Protection with Google reCaptcha V3
  • Custom attempts, timeout, message
  • Manage Blacklist and Whitelist IPs

Extra Features:

  • Backup and Restore settings
  • Fix relative URLs
  • Change classes on source code using Text Mapping
  • Change URLs on source code using URL Mapping
  • Cache CSS, JS, and Images to optimize the loading speed
  • Weekly security checks and reports

Integrations:

  • Support for WP Multisite
  • Support for Nginx
  • Support for IIS
  • Support for LiteSpeed
  • Support for Apache
  • Support for Siteground
  • Support for WP Engine
  • Support for AWS Hosting
  • Support for Inmotion Hosting
  • Support for Hostgator Hosting
  • Support for Godaddy Hosting
  • Support for Host1plus
  • Support for Payperhost
  • Support for Fastcomet
  • Support for Dreamhost
  • Support for Bitnami Apache
  • Support for Bitnami Nginx
  • Support for Google Cloud Hosting
  • Support for Litespeed Hosting
  • Support for Flywheels Hosting
  • Support for Ploi Hosting
  • Support for Namecheap Hosting
  • Support for RunCloud Hosting
  • Support for WPEngine Hosting
  • Support for CloudPanel Hosting

  • Recommended by Wp Rocket

  • Recommended by WPML

See All FREE Security Features (over 40):
Hide My WP Free Features

See All Premium Security Features (over 70):
* All the Hide My WP Ghost Free Features
* Cloud Events Monitoring
* Hide Old WordPress Common Paths by Extension
* Temporary Logins Without Password
* Two-factor Authentication By Code (2FA)
* Two-factor Authentication By Email (2FA)
* and more
Hide My WP Premium Feature

Compatible with: WP Multisite, Apache, Litespeed, Nginx and IIS.

Plugins Compatibility updates: WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, iThemes Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, and more

Compatibility Plugins List: Hide My WP Compatibility Plugins
Compatibility Theme List: Hide My WP Compatibility Themes

Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud

Being able to protect the common paths is critical because you get to keep hacker bots away from sensitive website data.

This is crucial, and it will provide you with a great experience and perfect results in the long term.

It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.

If you don’t protect yourself, you will end up having a hacked website sooner or later.

This is a free version of the plugin, so you can use it for all your websites without any restrictions.

Secure your website in just minutes with the Hide My WP Ghost plugin. Protect your WordPress site against hacker bots and spammers!

Please support us and translate the plugin in your language:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp

Thank you all for your trust, support, and positive reviews!

Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin.

Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?


Screenshots
FAQ
ChangeLog