Description
WP-Hide has launched the easiest way to completely hide your WordPress core files, login page, theme and plugins paths from being shown on front side. This is a huge improvement over Site Security, since no one will know whether you are running or not a WordPress. It also provides a simple way to clean up html by removing all WordPress fingerprints.
No file and directory change!
No file and directory will be changed anywhere. Everything is processed virtually. The plugin code uses URL rewrite techniques and WordPress filters to apply all internal functionality and features. Everything is done automatically without user intervention required at all.
Real hide of WordPress core files and plugins
The plugin not only allows you to change default URLs of you WordPress, but it also hides/blocks such defaults. Other similar plugins, just change the slugs, but the defaults are still accessible, obviously revealing WordPress as CMS.
You can change the default WordPress login URL from wp-admin and wp-login.php to something totally arbitrary. No one will ever know where to try to guess a login and hack into your site. It becomes totally invisible.
Full plugin documentation available at WordPress Hide and Security Enhancer Documentation
When testing with WordPress theme and plugins detector services/sites, any setting change may not reflect right away on their reports, since they use cache. So, you may want to check again later, or try a different inner URL. Homepage URL usage is not mandatory.
Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes make ita vulnerable spot for every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
Statistics reveal that every day new vulnerabilities are discovered, many affecting hundreds of thousands of WordPress websites.
Over 99,9% of hacked WordPress websites are target of automated malware scripts, which search for certain WordPress fingerprints. This plugin hides or replaces those traces, making the hacking boots attacks useless.
It works well with custom WordPress directory structures,e.g. custom plugins, themes, and upload folders.
Once configured, you need to clear server cache data and/or any cache plugins (e.g. W3 Cache), for a new html data to be created. If you use CDN this should be cache clear as well.
Sample usage
Main plugin functionality:
- Customizes Admin URL
- Blocks default admin URL
- Blocks any direct folder access to completely hide the structure
- Customize wp-login.php filename
- Blocks default wp-login.php
- Blocks default wp-signup.php
- Blocks XML-RPC API
- Creates New XML-RPC paths
- Adjusts theme URL
- Creates New child Theme URL
- Changes theme style file name
- Cleans any headers for theme style file
- Customizes wp-include
- Blocks default wp-include paths
- Blocks default wp-content
- Customizes plugins URL
- Changes Individual plugin URL
- Blocks default plugins paths
- Creates New upload URL
- Blocks default upload URL
- Removes WordPress version
- Blocks Meta Generator
- Disables the emoji and required javascript code
- Removes pingback tag
- Removes wlwmanifest Meta
- Removes rsd_link Meta
- Removes wpemoji
- Minifies Html, Css, JavaScript
- Security Headers
and many more.
No other plugin functionality will be blocked or interfered in any way by WP-Hide
This plugin allows to change the default Admin URL from wp-login.php and wp-admin to something else. All original links turn the default theme to “404 Not Found” page, as if nothing exists there. Besides the huge security advantage, the WP-Hide plugin saves lots of server processing time by reducing php code and MySQL usage since brute-force attacks target the weakURL.
Important: Compared to all other similar plugins which mainly use redirects, this plugin turns a default theme to“404 error” page for all blocked URL functionalities, without revealing the link existence at all.
Since version 1.2, WP-Hide change individual plugin URLs and made them unrecognizable. For example,the change of the default WooCommerce plugin URL and its dependencies from domain.com/wp-content/plugins/woocommerce/ into domain.com/ecommerce/cdn/ or anything customized.
Plugin Sections
Hide -> Rewrite > Theme
- New Theme Path – Changes default theme path
- New Style File Path – Changes default style file name and path
- Remove description header from Style file – Replaces any WordPress metadata information (like theme name, version etc.,) from style file
- Child – New Theme Path – Changes default child theme path
- Child – New Style File Path – Changes child theme style-sheet file path and name
- Child – Remove description header from Style file – Replaces any WordPress metadata information (like theme name, version etc.,) from style file
Hide -> Rewrite > WP includes
- New Include Path – Changes default wp-include path/URL
- Block wp-include URL – Blocks default wp-include URL
Hide -> Rewrite > WP content
- New Content Path – Change default wp-content path/URL
- Block wp-content URL – Blocks the default content URL
Hide -> Rewrite > Plugins
- New Plugin Path – Changes default wp-content/plugins path/URL
- Block plugin URL – Blocks default wp-content/plugins URL
- New path / URL for Every Active Plugin
- Customize path and name for any active plugins
Hide -> Rewrite > Uploads
- New Upload Path – Changes default media files path/URL
- Block upload URL – Blocks default media files URL
Hide -> Rewrite > Comments
- New wp-comments-post.php Path
- Block wp-comments-post.php
Hide -> Rewrite > Author
- New Author Path
- Block default path
Hide -> Rewrite > Search
- New Search Path
- Block default path
Hide -> Rewrite > XML-RPC
- New XML-RPC Path –…