Hide My WP Ghost – Pros, Cons and Verdict


Hide My WP Ghost is a WordPress Security plugin that works like obscurity-based security for WordPress websites. Security through obscurity is the best defense against hackers' bots.

Rating Overall:

If you own a WordPress site, over time you will realize there are many bots and hacking attempts would be made on your platform. Hide My WP Ghost secures your WordPress Installation by hiding all kinds of traces of WordPress from the platform.

It is crucial to understand that if you do not hide the information about your WordPress setup, it just makes the hackers keep on coming back to the website and looking for a weak access point.

It’s essential for every WordPress website owner to understand how to secure their website from intrusion. Hide My WP Ghost plugin is a easy-to-use plugin that can secure and obfuscate your WordPress site visible information from the prying eyes.

I have tested this product on 3 different WordPress sites and the setup time was generally less than 10 minutes. Here are the feature set I have implemented on the WordPress sites.

Change Paths

Hide traces of common WordPress folders. For example, WP-CONTENT, WP-ADMIN. These are the folders so easy to guess and open to penetrations.

Hide My Wp Ghost Hide Paths


API Security

I have also disabled XML-RPC and REST API access. Most day to day WordPress blogs does not require these.

Hmwp Api Security


Completely Hide Plugins with Hide My WP Ghost

This is a very important configuration, it helps you even if you have a vulnerable plugin in your system. A hacker won’t be able to find a way to access the file location.

Hmwp Hide Plugins

These are some of the major configuration done using Hide My WP Ghost Plugin. You should check out the video below for a better walkthrough and understanding of this plugin.

Did it actually Hide My WordPress Installation?

Test Via Wappalyzer

Test Via Wappalyzer

Test Via BuiltWith

Test Via Builtwith


Price Starting from $59

Plan Details  Plan Details

$59 for 10 Sites, $118 for Unlimited Sites, $177 for Unimited Sites with White-Labeling options

Features list icon  Features

Pros  Pros

  • Website security scanner
  • Brute force protection
  • Limit login attempts with variable configurations
  • Protection from cross-site scripting
  • Make use of Recaptcha on the login page
  • Change all WordPress system paths easily using htaccess.
  • Remove all traces of WordPress from the platform
  • Theme sniffers and tools like BuiltWith can’t detect the platform
  • Works with IIS, Apache, Litespeed and Nginx servers.
  • Completely hide plugins and themes
  • Advanced Ghost mode
  • Compatibility with CDN services
  • Email alerts
  • Online panel to manage and view connected sites, event logs and security monitoring.
  • Hide all other WordPress system files
  • Re-write Class names, IDs, and JS variables

Cons  Cons

  • Online Panel could be improved in terms of UI
  • No 2FA authentication options
  • Advanced Ghost mode might break some themes and designs
  • Online Panel Security and Events log can be improved to monitor the uptime of the sites as well
  • Currently Nginx servers requires certain modifications that Shared hosting sites might not be able to handle. The modifications on the Nginx sites are explained here.  You will need a VPS level Nginx setup to make it work

Verdict  My Verdict

Hide My WP Ghost is a very useful product that is also from a long time proven team of Squirrly.co. I think every WordPress website owner should keep this in their toolbelt. Fast, easy to configure and implement. Yes, some areas it takes a good WordPress expert to work things out. Also do not forget to keep backup of the website when you test, just a general recommendation to do backup. This is a little gem plugin for WordPress which most other products are NOT offering under the same hood.

Here is my recommendation for your WordPress setup:

  1. Get a proven Good Hosting – they will give you server side protection. You don’t need all the heavy bloated security plugins like WordFence.
  2. Get Hide My WP Ghost – secure and remove traces of all public WordPress info, and secure your WordPress application side.

Yes, it is that simple. You do not need crazy and heavy plugins in your WordPress. 

Is it Perfect?

No product is perfect. It is a journey of Improvement going forward. Personally, I would like to see more improvements and features going forward.

Video  Video

Disclosure: The pages you visit may contain external affiliate links that may result in me getting a commission if you decide to buy the mentioned product. I am not paid by the companies to recommend or to write any positive remarks about these products. I only write about the tools that I use personally. Decision to purchase to be at your sole discretion.