Hide My WP Ghost – Security & Firewall Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
Level up your WordPress security with Hide My WP Ghost plugin!
Hide My WP Ghost is a Hack Prevention WordPress Security Plugin. With powerful, easy-to-use features, it boosts your site’s security without altering any directories or files.
Join over 100,000 secured websites with Hide My WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks.
Key features include powerful protection against:
- Brute Force Attacks
- SQL Injection Attacks
- Script Injection Attacks
- XML-RPC attacks
- File Inclusion
- Malware injection
- Cross-Site Scripting (XSS)
- Throttling of Access Attempts to Entry Points
- and more
Protect your site today! Hide My WP Ghost hides all common paths from hackers, shielding all your plugins and themes effectively.
YouTube – Why You Must Have Hide My WP
Hide My WP Ghost is packed with over 45 security features:
Change and Hide Paths:
- Hide WordPress wp-admin, and show 404 error or a custom page
- Hide WordPress wp-login.php, and show 404 error or a custom page
- Change the wp-admin and wp-login URLs
- Change lost password URL
- Change register URL
- Change logout URL
- Change activation URL
- Change admin-ajax URL
- Change wp-content URL
- Change wp-includes URL
- Change uploads URL
- Change comments URL
- Change author URL
- Change plugins URL
- Change plugins name
- Change themes URL
- Change themes name
- Custom themes style.css name
- Change REST API wp-json URL
- Change category URL
Change tags URL
Custom login redirects based on user role
Custom logout redirects based on user role
Change URLs from Relative to Absolute
- Change URLs in Ajax calls
- Change URLs for Logged Users
- Change URLs in Cache Files
- Change paths in Sitemap.xml
- Change paths in Robots.txt
Firewall:
- Two-factor Authentication By Code (2FA)
- Two-factor Authentication By Email (2FA)
- Security Headers against XSS & Code Injections
- Security Header Strict-Transport-Security
- Security Header Content-Security-Policy
- Security Header X-XSS-Protection
- Security Header X-Content-Type-Options
- Security Header X-Frame-Options
- Firewall against Script Injections and SQL Injection
- 7G Firewall Security Filter
- 8G Firewall Security Filter
- Block by IP Addresses
- Block by User Agents
- Block by Referrers
- Block by Hostnames
- Hide Website from Theme Detectors
Hide Options:
- Hide /wp-admin path
- Hide /wp-login path
- Hide /login path
- Hide REST API wp-json path
- Hide Admin Toolbar based on user role
- Hide style IDs and META IDs
- Hide WordPress HTML comments
- Hide Version and WordPress Tags
- Hide DNS Prefetch WordPress link
- Hide WordPress Generator Meta
- Hide RSD (Really Simple Directory) header
- Hide Emoticons if you don’t use them
Disable Options:
- Disable REST API access
- Disable XML-RPC access
- Disable Embed scripts
- Disable DB-Debug in Frontend
- Disable WLW Manifest scripts
- Disable Select All – Ctrl+A (Windows and Linux), ⌘+A (macOS)
- Disable Copy – Ctrl+C (Windows and Linux), ⌘+C (macOS)
- Disable Cut – Ctrl+X (Windows and Linux), ⌘+X (macOS)
- Disable Paste – Ctrl+V (Windows and Linux), ⌘+V (macOS)
- Disable Save – Ctrl+S (Windows and Linux), ⌘+S (macOS)
- Disable Inspect Element/Developer Tool – Ctrl+Shift+I (Windows and Linux), ⌘+⌥+I (macOS)
- Disable View Source – Ctrl+U (Windows and Linux), ⌘+U (macOS)
- Disable Right Click
- Disable Drag-Drop
- Disable Image Dragging by Mouse
- Disable Text Selection
- Disable Directory Browsing
Mapping Text and URLs:
- Change URLs using URL Mapping
- Change classes using Text Mapping
- Change CDN URLs using CDN Mapping
- Change paths in the cache files
- Change paths in the Feed link
- Change paths in the Sitemap XML
- Change paths in the Robots.txt
Brute Force Protection:
- Brute Force Protection with Math reCaptcha
- Brute Force Protection with Google reCaptcha V2
- Brute Force Protection with Google reCaptcha V3
- Brute Force Protection on Login
- Brute Force Protection on Password Lost
- Brute Force Protection on Signup
- Brute Force Protection on Comment
- Brute Force Protection on Woocommerce Login
- Brute Force Protection shortcode [hmwp_bruteforce]
- Custom attempts, timeout, message
- Manage Blacklist and Whitelist IPs
Extra Features:
- Magic Link Login Without Password
- Temporary Logins Without Password
- Fix relative URLs
- Backup and Restore settings
- Change classes on source code using Text Mapping
- Change URLs on source code using URL Mapping
- Cache CSS, JS, and Images to optimize the loading speed
- Weekly security checks and reports
Integrations:
- Support for WP Multisite
- Support for Nginx
- Support for IIS
- Support for LiteSpeed
- Support for Apache
- Support for Siteground
- Support for WP Engine
- Support for AWS Hosting
- Support for Inmotion Hosting
- Support for Hostgator Hosting
- Support for Godaddy Hosting
- Support for Host1plus
- Support for Payperhost
- Support for Fastcomet
- Support for Dreamhost
- Support for Bitnami Apache
- Support for Bitnami Nginx
- Support for Google Cloud Hosting
- Support for Litespeed Hosting
- Support for Flywheels Local
- Support for Flywheels Hosting
- Support for Ploi Hosting
- Support for Namecheap Hosting
- Support for RunCloud Hosting
- Support for WPEngine Hosting
Support for CloudPanel Hosting
Recommended by Wp Rocket
- Recommended by WPML
See All FREE Security Features:
Hide My WP Free FeaturesPremium Security Features (over 70):
- Hide WordPress Common Paths by Extension
- Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log
- Events/Actions Monitoring (Cloud Backup)
- Brute Force Monitoring (Cloud Backup)
- Geo Security
- Country Blocking
- Files Permission Fix
- Database Prefix Fix
- SALT keys Fix
- and more
Hide My WP Premium Feature
Hide My WP Ghost is compatible with all server types, hosting services, and also supports WP Multisite.
Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS.
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud
Plugins Compatibility updates: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, and more
Compatibility Plugins List: Hide My WP Compatibility Plugins
Compatibility Theme List: Hide My WP Compatibility Themes
Hide My WP Ghost changes and hides WP common paths, admin & login paths, plugin paths, and theme paths, protecting your site from hacker bots.
Note: No files or directories are physically altered. All changes are implemented through server rewrite rules, ensuring no impact on SEO or loading speed.
The plugin works with other security plugins like Wordfence, Solid Security, Sucuri and adds a layer of security to your WordPress website against hacker bots.
Check the Demo Website source code:
https://demo.wpplugins.tips/
(the elementor is changed in files and classes using the PRO version)Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpplugins.tips/wp-admin
https://demo.wpplugins.tips/wp-loginCheck the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpplugins.tips/wp-content
https://demo.wpplugins.tips/wp-content/plugins
https://demo.wpplugins.tips/wp-content/themes
Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.
Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.
For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.
Is your website secure? Check your website with Free Website Security Check
Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, login, wp-signup.php, and change the common WordPress paths like wp-content, wp-includes, uploads, and more.
Being able to protect the common paths is critical because you get to keep hacker bots away from sensitive website data.
This is crucial, and it will provide you with a great experience and perfect results in the long term.
It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.
If you don’t protect yourself, you will end up having a hacked website sooner or later.
This is a free version of the plugin, so you can use it for all your websites without any restrictions.
Secure your website in just minutes with the Hide My WP Ghost plugin. Protect your WordPress site against hacker bots and spammers!
Please support us and translate the plugin in your language:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp
Thank you all for your trust, support, and positive reviews!
Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin.
Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?
Screenshots
-
Hide My WP > Change Paths > Level Of Security
-
Hide My WP > Change Paths > Admin Security
-
Hide My WP > Change Paths > Login Security
-
Hide My WP > Change Paths > Core Security
-
Hide My WP > Change Paths > API Security
-
Hide My WP > Firewall > 8G Firewall
-
Hide My WP > Brute Force > reCaptcha Protection
-
Hide My WP > Two Factor > 2FA Login
-
Hide My WP > Mapping > Text Mapping
-
Hide My WP > Mapping > URL Mapping
-
Hide My WP > Tweaks > Hide Options
-
Hide My WP > Tweaks > Redirect Options
-
Hide My WP > Temporary Login > Logins
-
New Login Path /newlogin
-
Old Login Path shows 404 Error /wp-login.php
-
Old Admin Path shows 404 Error /wp-admin
-
New custom core paths changed with Hide My WP Ghost