Hide My WP Ghost – Pros, Cons and Verdict
Editors Rating
Hide My WP Ghost is a WordPress Security plugin that works like obscurity-based security for WordPress websites. Security through obscurity is the best defense against hackers’ bots.
If you own a WordPress site, over time you will realize there are many bots and hacking attempts would be made on your platform. Hide My WP Ghost secures your WordPress Installation by hiding all kinds of traces of WordPress from the platform.
It is crucial to understand that if you do not hide the information about your WordPress setup, it just makes the hackers keep on coming back to the website and looking for a weak access point.
It’s essential for every WordPress website owner to understand how to secure their website from intrusion. Hide My WP Ghost plugin is a easy-to-use plugin that can secure and obfuscate your WordPress site visible information from the prying eyes.
I have tested this product on 3 different WordPress sites and the setup time was generally less than 10 minutes. Here are the feature set I have implemented on the WordPress sites.
Change Paths
Hide traces of common WordPress folders. For example, WP-CONTENT, WP-ADMIN. These are the folders so easy to guess and open to penetrations.
API Security
I have also disabled XML-RPC and REST API access. Most day to day WordPress blogs does not require these.
Completely Hide Plugins with Hide My WP Ghost
This is a very important configuration, it helps you even if you have a vulnerable plugin in your system. A hacker won’t be able to find a way to access the file location.
These are some of the major configuration done using Hide My WP Ghost Plugin. You should check out the video below for a better walkthrough and understanding of this plugin.
Did it actually Hide My WordPress Installation?
Test Via Wappalyzer
Test Via BuiltWith
Plan Details
Plan Type: Lifetime
Feature List
- Website security scanner
- Brute force protection
- Limit login attempts
- Protection from cross-site scripting
- Make use of Recaptcha on the login page
- Change all WordPress system paths easily using htaccess.
- Remove all traces of WordPress from the platform
- Theme sniffers and tools like BuiltWith can’t detect the platform
- Works with IIS, Apache, Litespeed and Nginx servers (See cons – You would need access to Nginx config file).