Hide that You Use WordPress with Hide My WP
WordPress websites are susceptible to a wide range of attacks including SQL injections, brute-force attacks, and unauthorized logins. Security plugins such as WordFence and iThemes Security can improve the security of your website by addressing common security issues such as changing the administrator account from admin.
I came across another security plugin recently entitled Hide My WP that tackles hackers in a different manner.
The plugin was developed because most hackers and bots know where to find important WordPress files and pages. A bot that is designed to target WordPress websites will therefore attack any website with WordPress files, and pass by those that do not.
Just as hacking software takes advantage of the fact that all WordPress websites are structured in the same way, Hide My WP takes advantage of the fact that software can only target your website if it knows your website structure. It does this by removing all evidence that your website is powered by WordPress. This makes it very difficult for hackers to infiltrate your website.
Let us take a closer look at how Hide My WP can protect your website from malicious attacks.
Like all good WordPress plugins that have many configuration options, Hide My WP features import and export functionality. Debug reports are also available for developers.
What sets Hide My WP apart is the ability to import pre-made setting schemes. You can choose from medium privacy (more compatibility), medium privacy (quick), and high privacy (less compatibility). Choosing one of these setting schemes will add the data to the import box and change the way the plugin is set up. This is a fantastic feature that will save you a lot of time setting up the plugin.
While the preset setting schemes are useful, it should only take you five to fifteen minutes to go through the two main setting pages and configure Hide My WP for your website.
A number of settings are available at the top of the general settings page, including an option to use one of your pages for 404 errors and hiding your wp-login.php page using a new unique URL. Your admin area can also be hidden to user groups that you have not marked as trusted.
Hide My WP lets you hide many things so that software cannot detect that your website is powered by WordPress. For example, you can hide WordPress details that are added to feeds, the version of WordPress you are using, and important folders such as /wp-includes/ and /wp-content/.
The plugin has some additional features such as minification and an option to replace words and URL’s from your outputted HTML file.
Permalinks & Url Settings
The permalinks and URL settings page is where you customize how your files, folders, and pages, are hidden. You can rename your plugin folder, stylesheet, wp-includes folder, and uploads folder.
The wp_comments_post.php can also be renamed. This stops hackers from persistently spamming you with spam comments.
The base and query part of your URLs for author and feed pages can also be modified. Alternatively, you can completely disable them from public view.
The same modifications can be applied to posts, pages, categories and tags. This helps make it even more difficult for software to detect that your website is powered by WordPress.
Search can also be modified or disabled. Other options include the ability to disable archives and custom post types.
Be aware that disabling many features of your website may hurt the user experience. For example, removing category archives means that visitors cannot search through posts from a particular category. However if you choose to disable search, you can always replace the default WordPress search functionality with Google search.
Hide My WP allows you to completely change the public structure of important core files and pages, theme files, and plugin files.
Due to the nature of security plugins, it is difficult to check whether they are effective or not. After all, a website that is not attacked does not guarantee that its security measures are working. Though there is no doubt that the measures that Hide My WP takes to hide important areas of your website will make it more difficult for hackers and bots to attack your website.
The Hide my WP WordPress plugin is available on CodeCanyon for $23. The plugin has not been updated since November 2013, however the developer does seem to be actively providing support for the plugin.
Visit the Hide My WP information page for a complete list of its features 🙂
nice plugin, i am planning to purchase this
Yes this is what have being looking for. Thank for sharing this
I use it for almost all of my clients and they’re all happy with it!
It’s a must-have.
Good advice as I can understand the working principles of WP more.
I am getting mail that some one is trying to access my wp-admin page i checked field called (“Spy Notify” Send an email to site admin whenever someone visits 404 page!) but if they try to access any of 404 or page which is not available into website then also i am getting mail that they are trying to access wp-admin page how i can resolve it….?
And how i can know website detail or person detail from Ip address…?
That is strange, please contact the plugin author developer for assistance with this. If you purchased the plugin they should be able to help you out!
nice plugin good post. thanks.
I can understand the working principles of WP more.
the plugin is not longer avaliable. Any other solution or plugin?
Oh dear, it looks like they might be selling the plugin on their own instead of through CodeCanyon. Another option could be the Guaven plugin – I haven’t tested that one yet myself, but it looks promising 🙂
I was looking for this type plugins from a long time…. thanks!
Wow, I could surely use one of those. So the plugin works like an invisibility cloak if you will. Cool! Thanks for posting this, Kevin.
And what do you think about Swift Security plugin? Which is better?
Hi Kyla we are using this plugin on our site lifeonbars.co.uk but have noticed it slows the site down by 2 secs. Did you notice any speed issues whilst testing.
Also i think they have removed it due to the new Envato VAT policy as a lot of people seem to be leaving
It shouldn’t affect page speed especially not 2 seconds! Do you have proper caching on your site? I saw they had removed the plugin, but I think they are going to be adding it back.
The plugin is back on sale, it is sad that they do not have a developer version. It cannot be used by designers for use by clients, each time the cost of buying the plugin is just added to the site development charges.
Nice tutorial, but i find it a bit too technical for me. I used this plugin instead WP Hide & Security Enhancer which does a great job.
Nice One, thanks!
Nice One, thanks!
This plugin slows down loading of the site for several seconds. It slows down even admin panel. It is very bad written plugin i wa forced to use by a client.
I believe the plugin uses rewrite rules so it really shouldn’t effect your site speed (assuming you’re using a decent hosting plan, a good theme and a reasonable number of plugins). But if you’re having issues, just reach out to the developer. I’m sure they can help troubleshoot your issue.