Name: WP Ghost (Hide My WP Ghost) – Security & Firewall
Rating: 4.5 (357 reviews)

外掛說明

Level up your WordPress security with WP Ghost plugin!

WP Ghost (short for Hide My WP Ghost) is a comprehensive hack-prevention security solution for WordPress websites. It adds multiple layers of security to block hacker bots and prevent unauthorized access.

It works by changing and hiding common vulnerabilities, making it difficult for bots and hackers to exploit weak points in plugins, themes, and the WordPress core itself.

Join over 200,000 secured websites with WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks.

Key features include powerful protection against:

Brute Force Attacks

SQL Injection Attacks

Script Injection Attacks

Vulnerability Exploit

Malware Injection

XML-RPC attacks

File Inclusion Exploits

Directory Traversal Attacks

Default WP Paths Exploits

Cross-Site Scripting (XSS)

Throttling of Access Attempts to Entry Points

and more

Protect your site today! WP Ghost hides and secures all common paths, plugins and themes from hacker bots and spammers.

YouTube – Why You Must Have Hide My WP

WP Ghost is packed with over 50 security free features:

Change and Hide Paths:

Hide WordPress wp-admin, and show 404 error or a custom page

Hide WordPress wp-login.php, and show 404 error or a custom page

Change the wp-admin and wp-login URLs

Change lost password URL

Change register URL

Change logout URL

Change activation URL

Change admin-ajax URL

Change wp-content URL

Change wp-includes URL

Change uploads URL

Change comments URL

Change author URL

Change plugins URL

Change plugins name

Change themes URL

Change themes name

Custom themes style.css name

Change REST API wp-json URL

Change category URL

Change tags URL

Custom login redirects based on user role

Custom logout redirects based on user role

Change URLs from Relative to Absolute

Change URLs in Ajax calls

Change URLs for Logged Users

Change URLs in Cache Files

Change paths in Sitemap.xml

Change paths in Robots.txt

Firewall:

Two-factor Authentication By Code (2FA)

Two-factor Authentication By Email (2FA)

Security Headers against XSS & Code Injections

Security Header Strict-Transport-Security

Security Header Content-Security-Policy

Security Header X-XSS-Protection

Security Header X-Content-Type-Options

Security Header X-Frame-Options

Firewall against Script Injections and SQL Injection

7G Firewall Security Filter

8G Firewall Security Filter

Block by IP Addresses

Block by User Agents

Block by Referrers

Block by Hostnames

Hide Website from Theme Detectors

Hide Options:

Hide /wp-admin path

Hide /wp-login path

Hide /login path

Hide REST API wp-json path

Hide Admin Toolbar based on user role

Hide style IDs and META IDs

Hide WordPress HTML comments

Hide Version and WordPress Tags

Hide DNS Prefetch WordPress link

Hide WordPress Generator Meta

Hide RSD (Really Simple Directory) header

Hide Emoticons if you don’t use them

Disable Options:

Disable REST API access

Disable XML-RPC access

Disable Embed scripts

Disable DB-Debug in Frontend

Disable WLW Manifest scripts

Disable Select All – Ctrl+A (Windows and Linux), ⌘+A (macOS)

Disable Copy – Ctrl+C (Windows and Linux), ⌘+C (macOS)

Disable Cut – Ctrl+X (Windows and Linux), ⌘+X (macOS)

Disable Paste – Ctrl+V (Windows and Linux), ⌘+V (macOS)

Disable Save – Ctrl+S (Windows and Linux), ⌘+S (macOS)

Disable Inspect Element/Developer Tool – Ctrl+Shift+I (Windows and Linux), ⌘+⌥+I (macOS)

Disable View Source – Ctrl+U (Windows and Linux), ⌘+U (macOS)

Disable Right Click

Disable Drag-Drop

Disable Image Dragging by Mouse

Disable Text Selection

Disable Directory Browsing

Mapping Text and URLs:

Change URLs using URL Mapping

Change classes using Text Mapping

Change CDN URLs using CDN Mapping

Change paths in the cache files

Change paths in the Feed link

Change paths in the Sitemap XML

Change paths in the Robots.txt

Brute Force Protection:

Brute Force Protection with Math reCaptcha

Brute Force Protection with Google reCaptcha V2

Brute Force Protection with Google reCaptcha V3

Brute Force Protection on Login

Brute Force Protection on Password Lost

Brute Force Protection on Signup

Brute Force Protection on Comment

Brute Force Protection on Woocommerce Login

Brute Force Protection shortcode [hmwp_bruteforce]

Custom attempts, timeout, message

Manage Blacklist and Whitelist IPs

Extra Features:

Magic Link Login Without Password

Temporary Logins Without Password

Fix relative URLs

Backup and Restore settings

Change classes on source code using Text Mapping

Change URLs on source code using URL Mapping

Cache CSS, JS, and Images to optimize the loading speed

Weekly security checks and reports

Integrations:

Support for WP Multisite

Support for Nginx

Support for IIS

Support for LiteSpeed

Support for Apache

Support for Siteground

Support for WP Engine

Support for AWS Hosting

Support for Inmotion Hosting

Support for Hostgator Hosting

Support for Godaddy Hosting

Support for Host1plus

Support for Payperhost

Support for Fastcomet

Support for Dreamhost

Support for Bitnami Apache

Support for Bitnami Nginx

Support for Google Cloud Hosting

Support for Litespeed Hosting

Support for Flywheels Local

Support for Flywheels Hosting

Support for Ploi Hosting

Support for Namecheap Hosting

Support for RunCloud Hosting

Support for WPEngine Hosting

Support for CloudPanel Hosting

Recommended by Wp Rocket

Recommended by WPML

Premium Security Features (over 70):

WordPress Hardening

Hide WordPress Common Paths by Extension

Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log

Events/Actions Monitoring (Cloud Backup)

Brute Force Monitoring (Cloud Backup)

Geo Security

Country Blocking

Vulnerability Management

Files Permission Fix

Database Prefix Change

SALT Keys Change

Premium Support

and more
Hide My WP Premium Feature

Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS.
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud

Plugins Compatibility updates: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, and more

Compatibility Plugins List: Hide My WP Compatibility Plugins
Compatibility Theme List: Hide My WP Compatibility Themes

WP Ghost changes and hides WP common paths, admin & login paths, plugin paths, and theme paths, protecting your site from hacker bots.

Note! No files or directories are physically altered. All changes are implemented through server rewrite rules, ensuring no impact on SEO or loading speed.

The plugin works with other security plugins and adds a layer of security to your WordPress website against hacker bots.

Check the Demo Website source code:
https://demo.wpghost.com/
(the elementor is changed in files and classes)

Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpghost.com/wp-admin
https://demo.wpghost.com/wp-login

Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpghost.com/wp-content
https://demo.wpghost.com/wp-content/plugins
https://demo.wpghost.com/wp-content/themes

Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.

Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.

For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.

Is your website secure? Check your website with Free Website Security Check

Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, login, wp-signup.php, and change the common WordPress paths like wp-content, wp-includes, uploads, and more.

Being able to protect the common paths is critical because you get to keep hacker bots away from sensitive website data.

This is crucial, and it will provide you with a great experience and perfect results in the long term.

It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.

If you don’t protect yourself, you will end up having a hacked website sooner or later.

This is a free version of the plugin, so you can use it for all your websites without any restrictions.

Secure your website in just minutes with the WP Ghost plugin. Protect your WordPress site against hacker bots and spammers!

Please support us and translate the plugin in your language:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp

Thank you all for your trust, support, and positive reviews!

Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin.

Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?

螢幕擷圖

Hide My WP > Change Paths > Level Of Security
Hide My WP > Change Paths > Admin Security
Hide My WP > Change Paths > Login Security
Hide My WP > Change Paths > Core Security
Hide My WP > Change Paths > API Security
Hide My WP > Firewall > 8G Firewall
Hide My WP > Brute Force > reCaptcha Protection
Hide My WP > Two Factor > 2FA Login
Hide My WP > Mapping > Text Mapping
Hide My WP > Mapping > URL Mapping
Hide My WP > Tweaks > Hide Options
Hide My WP > Tweaks > Redirect Options
Hide My WP > Temporary Login > Logins
New Login Path /newlogin
Old Login Path shows 404 Error /wp-login.php
Old Admin Path shows 404 Error /wp-admin
New custom core paths changed with Hide My WP Ghost

安裝方式

Manually install the WP Ghost Lite plugin:
Step 1. Log In as an Administrator on your WordPress dashboard.
Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab.
Step 3. Click on the Upload Plugin button from the top of the page.
Step 4. Click to browse and upload the hide-my-wp.zip file.
Step 5. After the upload, click the Activate Plugin button to activate the plugin.
Step 6. From the plugins list, click on the Settings link to go to plugin’s settings.
Step 7. Connect the plugin using your email address to get an instant free access token.
Step 8. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/
Enjoy!

Install the WP Ghost Lite directly from the WordPress directory:
Step 1. Log In as an Administrator on your WordPress dashboard.
Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab.
Step 3. Search for ‘WP Ghost’.
Step 4. After the plugin is shown, lick the Activate Plugin button to activate the plugin.
Step 5. From the plugins list, click on the Settings link to go to plugin’s settings.
Step 6. Connect the plugin using your email address to get an instant free access token.
Step 7. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/
Enjoy!

WP Ghost Knowledge Base:

常見問題集

Does this plugin work on WP Multisite?

Yes, the plugin works on WP Multisite and you will configure it for the entire network.

The plugin also works with Apache, Nginx, IIS, and LiteSpeed servers

Is WP Ghost working on Nginx Server?

Yes, the plugin works on Nginx Server and you will be guided for the redirects and nginx.conf settings.

The plugin also works with Apache, IIS, and LiteSpeed servers

My website theme is not loading correctly after I change the paths. What should I do?

This issue is most likely from setting the rewritten rules.

Make sure you purge the cache if you have cache plugins after you save the WP Ghost settings.
In case the .htaccess (for apache) or nginx.conf (for Nginx) or web. config (for IIS) is not writable you need to add the rewrites manually.
If you have Nginx server make sure you reload the Nginx after you save the settings.
If the theme is still not loading okay, contact us and we can set up the plugin for you for free.

You can find useful information here: https://wpghost.com/kb/

I forgot the custom login and admin URLs. What now?

Don’t panic.

You can still access your site with the Safe URL that was downloaded when you saved the settings

Locked out of my site! I set the plugin, and after I logged out I couldn’t get back in

Rename the plugin directory /wp-content/plugins/hide-my-wp so that the plugins won’t hide the wp-login.php path anymore

Make sure you remember the secure parameter and it will be much easier.

Does WP Ghost work for the WordPress.com website?

Because of the Jetpack security in the WordPress.com website, WP Ghost can’t change the admin and login paths.

If you already activated Hide My Wp on WordPress.com, remove the directory /wp-content/plugins/hide-my-wp to disable the plugin.

Will this plugin work if I don’t have custom permalinks on my site?

No. You need to have custom permalinks set to ‘on’ in Settings > Permalinks.

You will get a notification on the Settings page if something is not set upright.

What do I need to do before I deactivate the plugin?

It’s better to switch to Default Mode in Settings > Hide My WP.

If you don’t, the plugin will automatically change your site back to the safe URLs and it will tell you what to do if you don’t have write permission for the config files

Is this Plugin free of charge?

Yes. The Lite features of the WP Ghost plugin will always be free.

We will include all the required WordPress Security updates.

To unlock all the features, please visit: WP Ghost – Pricing Plan

How to set the plugin on the Nginx server?

Please follow this tutorial step by step to set up the WP Ghost for Nginx server:

Setup WP Ghost on Nginx Server
Configure WP Ghost On Nginx Web Server With Virtual Private Server

Install WP Ghost on Kinsta Server
Install WP Ghost on RunCloud Server
Install WP Ghost on WPMUDEV Server
Install WP Ghost on Ploi.io Server
Install WP Ghost on Flywheel Server
Install WP Ghost on Amazon AWS Lightsail Server

How to Hide Your Site From WordPress Theme Detectors?

Changing the common WordPress paths will not guarantee that the WordPress CMS is completely hidden.

The old paths are still accessible and hackers are still able to inject SQL and Javascript into vulnerable installed plugins and themes.

Is this plugin enough to protect my website from all hackers?

The Free version of WP Ghost will not protect you from all hacker attacks. For extra security you need the premium version.

WP Ghost hides all the common paths and patterns used but bots to detect that you are using WordPress.

How Can I Change The WP Paths In Admin Dashboard?

By default, WP Ghost changes the paths only in frontend.

We don’t recommend this but if you want to change the path also in the admin dashboard, add this line in wp-config.php file

define('HMW_ALWAYS_CHANGE_PATHS', true);

Save the settings in WP Ghost and the WordPress paths will be changed in admin backend area.

Why The New Admin Path Is Redirected To Front Page?

By default, when you set WP Ghost plugin in Lite Mode, you can login only with the new login path.

To activate the option to access the new admin path and to be redirected to the new login path, do this:

Switch OFF the option WP Ghost > Change Paths > Admin Security > Hide the New Admin Path

Once you switch off the option and save the settings, when you access the new admin path, it will redirect to the new login path.

Customize Paths in WP Ghost

使用者評論

emmecappa 2024 年 11 月 26 日

Useful plugin

pplucay 2024 年 10 月 23 日

I’m very happy with this plugin, the free version is good, but the premium version is impecable, excellent. If you are doing a business project in internet, and you want to protect your website, this is the plugin. As a business owner I find buying the premium plugin is worth. And the support members of the plugins answer your question in less than a day, and even help you personally. Be safe with this plugin. Pedro L, Chile.

risoneto 2024 年 9 月 7 日 1 則留言

I’ve been using Hide My WP Ghost for several months now, and it has truly enhanced the security of my WordPress site. The setup process was straightforward, and the plugin provides comprehensive protection by hiding common vulnerabilities. What I love most is how it seamlessly integrates with other security measures without causing any conflicts. The customer support is also top-notch, always ready to assist with any questions. If you’re serious about keeping your site secure, this plugin is a must-have. Highly recommended!

daro2013 2024 年 8 月 3 日

Many thanks

daniellacatus 2024 年 8 月 2 日

After trying various security plugins for my WordPress sites, I decided to stick with Hide My WP Ghost – Security & Firewall, and I am extremely satisfied with this choice. This plugin has proven to provide comprehensive and efficient protection, allowing me to abandon all other security solutions I used to rely on.

garrigan 2024 年 8 月 1 日 1 則留言

Functioning as advertised and providing proper support are my top criteria.

閱讀全部 357 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈WP Ghost (Hide My WP Ghost) – Security & Firewall〉的開發相關工作。

John Darrel

〈WP Ghost (Hide My WP Ghost) – Security & Firewall〉外掛目前已有 4 個本地化語言版本。感謝全部譯者為這個外掛做出的貢獻。

將〈WP Ghost (Hide My WP Ghost) – Security & Firewall〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣？

任何人均可瀏覽程式碼、查看 SVN 存放庫，或透過 RSS 訂閱開發記錄。

變更記錄

5.4.01 (06 Ian 2025)

Update – Changed Hide My WP Ghost plugin name with short WP Ghost
Update – WP Ghost comes with a new logo in 2025
Update – More security on REST API for user listing when User Security is activated
Update – Plugin Security and Firewall rules

5.3.02 (08 Nov 2024)

Update – Compatibility with WP 6.7
Update – Add Brute Force for comments form in Brute Force
Update – Translations
Fix – Issue when changing relative to absolute path in javascript
Fix – Root domain regarding multisite with subdomains
Fix – Compatibility with LiteSpeed CDN domains
Fix – Use WordPress function for all parse url
Fix – Activate firewall by default when Lite mode option is selected
Fix – Compatibility with WP Rocket background CSS loader
Fix – Flush changed to config file when some features are activated in Overview section
Fix – Clear cache for Litespeed plugin when changing is made in the Mapping section
Fix – Activate the Text Mapping in CSS and JS files option for hiding class names like elementor or woocommerce

5.3.01 (07 Oct 2024)

Update – Added Hide My WP Advanced Pack in Plugins suggestion
Update – Added Drupal 11 in CMS simulation
Update – Set 404 Not Found error as default option for hidden paths
Update – The files CSS and JS files from WP 6.6 when Clean Login is selected in Advanced > Compatibility
Update – Added the option to pause the plugin for 5 minutes for testing purposes
Update – Compatibility with WP Rocket Background CSS loader
Update – Map Litespeed cache directory in URL Mapping
Fix – Redirect to homepage the newadmin when user is not logged in
Fix – Remove dynamic CSS and JS when Text Mapping is switched off
Fix – Prevent changing wp-content and wp-includes paths in deep URL location and avoid 404 errors

5.3.00 (20 Sept 2024)

Update – Added New Feature Magic Link Login Without Password in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Code (2FA) in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Email (2FA) in Hide My WP > Overview
Update – Added New Feature Temporary Logins Without Password in Hide My WP > Overview
Update – Compatibility with WP 6.6.2 & 8.3.11
Update – Brute Force compatibility with UsersWP plugin
Update – Cookie set on WP Multisite with subdomains
Update – Brute Force shortcode to work with different login forms
Update – Brute Force shortcode to work with Elementor login form
Fix – Compatibility with Nitrocache
Fix – Compatibility with Squirrly SEO
Fix – Compatibility with Autoptimize
Fix – Compatibility with Woocommerce
Fix – Compatibility with Wordfence
Fix – Security Check on admin url and login url
Fix – Google reCaptcha on frontend popup to load google header if not already loaded
Fix – Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect
Fix – WP Multisite active plugins check to ignore inactive plugins
Fix – Small bugs

5.2.04 (07 July 2024)

Fix – Compatibility with WP 6.6
Fix – Security * Update on wp-login.php and login.php

5.2.03 (04 July 2024)

Update – Added the option to hide the new login path on redirects
Update – Hide login.php path together with wp-login.php path from being redirect to the new login
Update – File permissions check in Security Check to check htaccess and login paths
Fix – Small bugs

5.2.02 (19 June 2024)

Update – Added more path in Frontend Test to make sure the settings are okay before confirmation
Update – Firewall message on blocking process when loading on WP initialization
Update – Compatibility with Wordfence to prevent rewrite rules * Update on security scan
Update – Language translation and typos fixed
Update – Disable click and keys to work without jQuery
Update – Added the option to immediately block a wrong username in Brute Force
Update – Sub-option layouts
Fix – Trim error in cookie when main domain cookie is set
Fix – Filter words in 8G Firewall that might be used in article slugs

5.2.01 (04 June 2024)

Update – Added Firewall blacklist by User Agent
Update – Added Firewall blacklist by Referrer
Update – Added Firewall blacklist by Hostname
Update – Added the option to select the level of access for an IP address in whitelist
Removed – Mysql database permission check as WordPress 6.5 handles DB permissions more secure
Moved – Firewall section was moved to the main menu as includes more subsections
Fix – 8G Firewall compatibility with all page builder plugins
Fix – preg_match warning on firewall.php when checking search engine bots
Fix – Firewall saving process for Whitelist and Blacklist features
Fix – Login access when member plugins are used for login process

5.1.03 (20 May 2024)

Update – Compatibility with WP 6.5.3
Update – Compatibility with WPEngine rules on wp-admin and wp-login.php
Update – Add whitelist paths feature
Update – Select the Whitelist level for IPs and Paths
Fix – Prevent firewall to record all triggered filters as fail attempts
Fix – Remove filter on robots when 8G firewall is active
Fix – Frontend Login Check popup to prevent any redirect to admin panel in popup test
Fix – Prevent redirect the wp-admin to new login when wp-admin path is hidden
Fix – Prevent blocking login page on password protection page when the login path is set by another plugin

5.1.02 (30 Apr 2024)

Update – Security Check verifies the firewall against SQL & Script injection and weak usernames
Update – Font-sizes and layouts
Update – Add support to MyList theme
Update – 7g & 8G firewall to match more WP actions and compatibility with more plugins

5.1.01 (10 Apr 2024)

Update – Added the 8G Firewall filter
Update – Added the required header security for Apache and Nginx
Update – Added the option to block the theme detectors
Update – Added the option to block theme detectors crawlers by IP & agent
Update – Added the option to simulate CMSs like Drupal & Joomla
Update – Added the option on Apache to insert the firewall rules into .htaccess
Fix – Load Firewall on all server types only in frontend to avoid functionality issues in backend
Fix – Avoid loading recaptcha on Password reset link
Fix – Screen 120dpi display layout
Fix – Hide reCaptcha secret key in Settings

5.0.29 (19 Mar 2024)

Update – Compatibility with WP 6.5
Update – Compatibility with CloudPanel & Nginx servers
Update – Compatibility with WordFence scanning
Fix – Hide rest_route only for visitors to avoid errors with builders

5.0.28 (14 Feb 2024)

Compatibility with PHP 8.3 and WP 6.4.3
* Update – Compatibility with Hostinger
* Update – Compatibility with InstaWP
* Update – Compatibility with Solid Security Plugin (ex Solid Security)
* Update – Added the option to block the API call by rest_route param
* Update – Added new detectors in the option to block the Theme Detectors
* Update – Security Check for valid WP paths
* Fix – Don’t load shortcode recapcha for logged users
* Fix – Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers
* Fix – Issue on change paths when WP Multisite with Subcategories
* Fix – Hide rest_route param when Rest API directory is changed
* Fix – Multilanguage support plugins
* Fix – Small bugs & typos

5.0.27 (18 Oct 2023)

Update – Compatibility with WP 6.4.1 & PHP 8.3
Update – Option to create a random suffix number instead of the version number to prevent caching on static files in admin
Fix – Default redirect URL in Tweaks > Redirects
Update – Compatibility with MainWP Server-Client
Update – Compatibility with WPML plugin
Update – Hide rest_route param when Rest API directory is changed
Fix – URL query args sanitization when the rewrite rules are not added correctly in config file
Fix – Specify the jQuery on Disable Click feature
Update – Compatibility with Hostinger
Update – Compatibility with InstaWP
Update – Add shortcode on BruteForce [hmwp_bruteforce] for any login form
Fix – Small Bugs

5.0.26 (28 Aug 2023)

Fix – Brute Force Math Recaptcha security
Fix – Compatibility with themes without Brute Force Math Recaptcha

5.0.25 (23 Aug 2023)

Fix – Paths change in feed for logos and links
Fix – Security Check report
Fix – Improved security on login
Fix – Typos & Bugs

5.0.24 (03 July 2023)

Update – Frontend Test to check and show the not found links
Update – Add compatibility with 2FA and Two-Factor plugins for two factor authentication
Update – Add Compatibility with FlyingPress & WPFrontendAdmin
Update – WP functions and notifications for PHP 8.2 compatibility
Update – Add new key combinations in HMWP disable inspect element and view source
Fix – Prevent login redirect when the prevent slowing website is activated

5.0.23 (29 May 2023)

Update – Add the option to connect to the custom login path from Cloud
Update – Compatibility with WP 6.2.2
Fix – Typos and small bugs

5.0.22 (16 May 2023)

Update – Add compatibility for Cloud Panel servers
Update – Add compatibility for CMP Coming Soon & Maintenance Plugin by NiteoThemes plugin
Update – Add the option to select the server type if it’s not detected by the server
Update – Add the option to add the rules between the WordPress rewrite rules on Apache/Litespeed servers
Update – Compatibility with SiteGround
Update – Compatibility with Avada when cache plugins are enabled
Fix – Remove the rewrites from WordPress section when the plugin is deactivated
Fix – User roles names display on Tweaks
Fix – Combined the Plugin Loading Hook into one option

5.0.20 (03 May 2023)

Update – File processing when the rules are not set correctly
Update – Security headers default values
Fix – Compatibilities with the last versions of other plugins
Fix – Reduce resource usage on 404 pages

5.0.19 (23 Apr 2023)

Update – Brute Force protection on lost password form
Update – Brute Force protection on Woocommerce (login, signup, lost passowrd)
Update – Compatibility with MemberPress plugin
Fix – My account link on multisite option
Fix – Settings to verify the array values on settings saving process
Fix – Small Bugs

5.0.18 (03 Mar 2023)

Update – Compatibility with WP 6.2
Update – Compatibility with more plugins and themes
Update – Security check when wp-content is customized
Update – File handle for login, signup, logout
Update – Compatibility with PHP 8.2
Update – Remove the atom+xml meta from header
Update – Remove the noredirect param if the redirect is fixed
Update – Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified
Update – Check the rewrite rules on WordPress Automatic updates too
Update – Add the option to disable HMWP Ghost custom paths for the whitelisted IPs
Update – Save all section on backup restore
Update – Add the option to remove the sitemap style as a separate option from changing the paths in Sitemap.

5.0.17 (19 Dec 2022)

Update – Compatibility with WP 6.1
Update – Remove the noredirect param if the redirect is fixed
Update – Update the verification of the XML and TXT URI
Update – Get the correct login URL when backend URL is different from frontend URL
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – White screen on iphone > safari when disable inspect element option is on
Fix – To remove the version from URL even if the ‘ver’ param doesn’t have any value
Fix – Typo in Security Check

5.0.16 (21 Oct 2022)

Update – Add the Brute Force protection on Register Form to prevent account spam
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Update – Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins
Update – Compatibility with LiteSpeed servers and last version of WordPress
Update – Compatibility with Breakdance plugin
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – Remove the get_site_icon_url hook to avoid any issue on the login page with other themes
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Fix – Fixed the ltrim of null error on PHP 8.1 for site_url() path

5.0.15 (06 Sept 2022)

Fix – URL Mapping for Nginx servers to prevent 404 pages
Fix – PHP error in Security Check when the X-Powered-By header is not string
Fix – Compatibility with Wp-Rocket last version
Fix – Brute force math issue on woocommerce login when third party woocommerce logins
Fix – Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2

5.0.14 (17 June 2022)

Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with WordPress 6.0
Update – Add the option to automatically redirect to admin when access the login page and the user is logged
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new site is created
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new taxonomy is created
Fix – Brute force math security when the math field is deleted
Fixed the hidden URLs process

5.0.13 (03 May 2022)

Update – Compatibility with WordPress 5.9.3
Update – Compatibility with BackUpWordPress plugin
Update – Compatibility with Themify theme
Fix – Added the URI in the redirected URL
Fix – Compatibility with LiteSpeed cache plugin

5.0.12 (08 Mar 2022)

Update – Added compatibility with Backup Guard Plugin
Update – Prevent affecting the cron processes on Wordfence & changing the paths during the cron process
Update – Change the WP-Rocket cache files on all subsites for WP Multisite
Update – Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain
Update – Compatibility with WordPress 5.9.1
Fix – Change Paths for Logged Users issue
Fix – Show the feature icon in the feature list
Fix – Show all the rewrite paths for WpEngine with PHP >7.4
Fix – Frontend test when the plugins paths are not changed

5.0.11 (22 Feb 2022)

Update – Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection
Update – Fixed the menu hidden issue when other security plugins are active
Update – Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated
Update – Compatibility with Buy Me A Coffee plugin
Fix – Library loading ID in HMWP Ghost

5.0.10 (17 Feb 2022)

Update – Added new option in Login Security: Hide the language switcher option on the login page
Update – Added the option to reset all settings to default
Update – Added the Ctrl + Shift + C restriction when Inspect Element option is active
Update – Added the features text for translation
Update – Added Firewall & Headers option
Update – Added the option to ignore the notifications and avoid repeating alerts
Update – Added the option to disable Right-Click for logged users and user roles
Update – Added the option to disable Inspect Element for logged users and user roles
Update – Added the option to disable View Source for logged users and user roles
Update – Added the option to disable Copy/Paste for logged users and user roles
Update – Added the option to disable Drag/Drop for logged users and user roles
Update – Add the option to hide the wp-admin path for non-admin users
Update – Compatibility with Namecheap hosting
Update – Compatibility with Ploi.io
Update – Compatibility with WordPress 5.9
Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with Advanced Access Manager (AAM) plugin
Update – Compatibility with WPS Hide Login
Update – Compatibility with JobCareer theme
Update – Compatibility with Wordfence Security Scan when the wp-admin is hidden
Update – Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin
Update – Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin
Update – Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers
Update – Compatibility with Nitropack
Update – Compatibility with OptimizePress Dashboard
Update – Compatibility with Bricks Builder
Update – Compatibility with Zion Builder
Update – Compatibility with MainWP
Update – Compatibility with Limit Login Attempts Reloaded
Update – Compatibility with Loginizer
Update – Compatibility with Shield Security
Update – Compatibility with iThemes Security
Update – Compatibility with Smush plugin
Update – Compatibility with Wordfence 2FA when reCaptcha is active
Update – Added compatibility with JCH Optimize 3 plugin
Update – Added compatibility with Oxygen 3.8 plugin
Update – Added compatibility with WP Bakery plugin
Update – Added compatibility with Bunny CDN plugin
Update – Update compatibility with Manage WP plugin
Update – Update compatibility with the Autoptimize plugin
Update – Update compatibility with Breeze plugin
Update – Update compatibility with Cache Enabler plugin
Update – Update compatibility with CDN Enabler plugin
Update – Update compatibility with Comet Cache plugin
Update – Update compatibility with the Hummingbird plugin
Update – Update compatibility with Hyper Cache plugin
Update – Update compatibility with the Litespeed Cache plugin
Update – Update compatibility with the Power Cache plugin
Update – Update compatibility with the W3 Total Cache plugin
Update – Update compatibility with WP Fastest Cache plugin
Update – Update compatibility with the iThemes plugin
Update – Added compatibility with Hummingbird Performance plugin
Update – Advanced Text Mapping to work with Page Builders in admin
Update – Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins
Update – Translate the plugin into more languages
Update – Select the cache directory if there is a custom cache directory set in the cache plugin
Update – Show the change in cache files option for more cache plugins
Update – Removed the WordPress title tag from login/register pages
Fix – Brute Force blocking Wordfence Cron Job
Fix – Infinite loop when POST action on unknown paths
Fix – Remove the login URL from the logo on the custom login page
Fix – Set Filesystem to direct connection for file management
Fix – Don’t show the rewrite alert messages if nothing was changed in HMWP

Security:
Two-Factor Authenticator Code
2FA Security
Temporary Login without password
WordPress Security Plugin
Ocultar Mi WP – Plugin de seguridad de WordPress
Ocultar meu WP – Segurança do WordPress
Cacher mon WordPress – Plugin de sécurité WordPress
Verstecken Sie mein WordPress – WordPress Sicherheits-Plugin
Hide My WP – WordPress Security Plugin
Hide WordPress
Security Plugin
Hide My WP free download
Hide wp-login URL

Useful

Highly recommended, best on the solution

Amazing Security Plugin!

Very Powerful Security Plugin

I highly recommend Hide My WP Ghost – Security & Firewall

The product functions as advertised, and the support team resolves issues.