Descripción

¡Aumenta la seguridad de tu WordPress con el plugin Hide My WP Ghost!

Hide My WP Ghost es un plugin de seguridad para WordPress para la prevención de hackeos. Con funciones potentes y fáciles de usar, aumenta la seguridad de tu sitio sin alterar ningún directorio ni archivo.

Join over 100,000 secured websites with Hide My WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks.

Key features include powerful protection against:

Ataques de fuerza bruta

Ataques de inyección de SQL

Script Injection Attacks

XML-RPC attacks

File Inclusion

Malware injection

Cross-Site Scripting (XSS)

Throttling of Access Attempts to Entry Points

y más

¡Protege tu sitio hoy mismo! Hide My WP Ghost oculta todas las rutas comunes de los hackers, protegiendo todos tus plugins y temas de manera efectiva

YouTube – Por qué deberías tener Hide My WP

Hide My WP Ghost is packed with over 50 security features:

Change and Hide Paths:

Ocultar el archivo wp-admin de WordPress, y mostrar un error 404 o una página personalizada

Ocultar el archivo wp-login.php de WordPress, y mostrar un error 404 o una página personalizada

Change the wp-admin and wp-login URLs

Cambia la URL de contraseña perdida

Cambia la URL de registro

Cambia la URL de cierre de sesión

Cambia la URL de activación

Cambiar la URL de admin-ajax

Cambiar la URL de wp-content

Cambiar la URL de wp-includes

Cabiar la URL de las subidas

Cambiar la URL de los comentarios

Cambiar la URL de autor

Cambiar la URL de los plugins

Cambiar el nombre de los plugins

Cambiar la URL de los temas

Cambiar el nombre de los temas

Nombre del archivo “style.css” del tema personalizado

Cambiar la URL de wp-jason en la API REST

Cambiar la URL de categoría

Cambiar la URL de las etiquetas

Redirecciones personalizadas de acceso en el perfil de usuario

Personalizar las redirecciones de salida basadas en el perfil de usuario

Cambiar las URLs de relativas a absolutas

Cambiar las URLs en las llamadas de ajax

Cambiar las URLs para usuarios conectados

Cambiar las URLs en los archivos de caché

Cambiar las rutas en Sitemap.xml

Cambiar las rutas en Robots.txt

Firewall:

Two-factor Authentication By Code (2FA)

Two-factor Authentication By Email (2FA)

Cabecera de seguridad contra las inyecciones XSS y de código

Cabecera de seguridad Strict-Transport-Security

Cabecera de seguridad Content-Security-Policy

Cabecera de seguridad X-XSS-Protection

Cabecera de seguridad X-Content-Type-Options

Cabecera de seguridad X-Frame-Options

Cortafuegos contra inyecciones de Script y SQL

Filtro de seguridad de 7G Firewall

8G Firewall Security Filter

Block by IP Addresses

Block by User Agents

Block by Referrers

Block by Hostnames

Hide Website from Theme Detectors

Ocultar opciones:

Ocultar la ruta /wp-admin

Ocultar la ruta /wp-login

Ocultar la ruta /login

Ocultar la ruta de wp-json de la API REST

Ocultar la barra de herramientas del administrador en el perfil del usuario

Ocultar IDs de estilos y meta

Ocultar los comentarios HTML de WordPress

Ocultar la versión y las etiquetas de WordPress

Ocultar el enlace de precarga de DNS de WordPress

Ocultar la meta generator de WordPress

Ocultar encabezado de RSD (Really Simple Directory)

Ocultar los emotíconos si no los utilizas

Desactivar las opciones:

Desactivar el acceso a la API REST

Desactivar el acceso por XML-PRC

Desactivar los scripts incrustadas

Deshabilitar DB-Debug en Frontend

Desactivar los scripts de WLW Manifest

Desactivar Seleccionar todo – Ctrl+A (Windows y Linux), ⌘+A (macOS)

Desactivar Copiar – Ctrl+C (Windows y Linux), ⌘+C (macOS)

Desactivar Cortar – Ctrl+X (Windows y Linux), ⌘+X (macOS)

Desactivar Pegar – Ctrl+V (Windows y Linux), ⌘+V (macOS)

Desactivar Guardar – Ctrl+S (Windows y Linux), ⌘+S (macOS)

Desactivar “Inspeccionar elemento/Herramienta de desarrollador” – Ctrl+Shift+C (Windows y Linux),⌥+⌘+C (macOS)

Desactivar “Ver código fuente” – Ctrl+U (Windows y Linux), Alt+⌘+U (macOS)

Desactivar el clic derecho

Desactivar arrastrar y soltar

Desactivar el arrastre de imágenes con el ratón

Desactivar la selección de texto

Desactivar la exploración del directorio

Asignación de texto y URLs:

Cambiar las URLs usando la asignación de URL

Cambiar las clases usando la asiganación de texto

Cambia las URLs del CDN usando la asignación de CDN

Cambia las rutas en los archivos de caché

Cambiar las rutas en el enlace del feed

Cambia las rutas en el Sitemap XML

Cambia las rutas en el Robots.txt

Protección contra fuerza bruta:

Protección de fuerza bruta con Math reCAPTCHA

Protección contra fuerza bruta con Google reCaptcha V2

Protección de fuerza bruta con Google reCAPTCHA V3

Brute Force Protection on Login

Brute Force Protection on Password Lost

Brute Force Protection on Signup

Brute Force Protection on Comment

Brute Force Protection on Woocommerce Login

Brute Force Protection shortcode [hmwp_bruteforce]

Personalizar mensajes, tiempo de espera e intentos

Gestionar listas negra y blanca de IPs

Extra Features:

Magic Link Login Without Password

Temporary Logins Without Password

Corregir las URLs relativas

Ajustes de copia de seguridad y restauración

Cambiar las clases en el código fuente usando la asignación de texto

Cambiar las URLs en el código fuente usando la asignación de URL

Cachear CSS, JS e imágenes para optimizar la velocidad de carga

Comprobaciones e informes de seguridad semanales

Integraciones:

Compatibilidad con WP Multisitio

Compatible con Nginx

Compatible con IIS

Compatible con LiteSpeed

Compatible con Apache

Es compatible con Siteground

Compatible con WP Engine

Es compatible con el alojamiento de AWS

Compatible con el alojamiento Inmotion

Compatible con el alojamiento de Hostgator

Compatible con el alojamiento de Godaddy

Compatible con Host1plus

Compatible con Payperhost

Compatible con Fastcomet

Compatible con Dreamhost

Copatible con Bitnami Apache

Compatible con Bitnami Nginx

Compatible con el alojamiento Google Cloud

Compatible con el alojamiento Litespeed

Support for Flywheels Local

Compatible con el alojamiento Flywheels

Es compatible con el alojamiento de Ploi

Es compatible con el alojamiento de Namecheap

Es compatible con el alojamiento de RunCloud

Es compatible con el alojamiento de WPEngine

Es compatible con el alojamiento de CloudPanel

Recomendado por WP Rocket

Recomendado por WPML

Mira todas las características de seguridad GRATUITAS:
Características gratuitas de Hide My WP

Premium Security Features (over 70):

Hide WordPress Common Paths by Extension

Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log

Events/Actions Monitoring (Cloud Backup)

Brute Force Monitoring (Cloud Backup)

Geo Security

Country Blocking

Files Permission Fix

Database Prefix Fix

SALT keys Fix

and more
Hide My WP Premium Feature

Hide My WP Ghost es compatible con todos los tipos de servidores y servicios de alojamiento, y también es compatible con WP multisitio.

Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS.
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud

Actualizaciones de compatibilidad con plugins: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, y más

Lista de plugins compatibles: Plugins compatibles con Hide My WP
Lista de temas compatibles: Temas compatibles con Hide My WP

Hide My WP Ghost cambia y oculta las rutas comunes de WP, administración y rutas acceso, rutas de plugins y rutas de temas, protegiendo tu sitio de los bots hackers.

Nota: no se alteran físicamente archivos ni directorios. Todos los cambios se implementan mediante reglas de reescritura del servidor, asegurando que no haya impacto en el SEO ni en la velocidad de carga.

El plugin funciona junto a otros plugins de seguridad como Wordfence, Solid Security, Sucuri y agrega una capa de seguridad contra los bots de hackers a tu web WordPress.

Check the Demo Website source code:
https://demo.wpplugins.tips/
(the elementor is changed in files and classes using the PRO version)

Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpplugins.tips/wp-admin
https://demo.wpplugins.tips/wp-login

Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpplugins.tips/wp-content
https://demo.wpplugins.tips/wp-content/plugins
https://demo.wpplugins.tips/wp-content/themes

Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.

Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.

For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.

¿Es seguro tu sitio web? Comprueba tu sitio web con la comprobación gratuita de la seguridad del sitio web

Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, login, wp-signup.php, and change the common WordPress paths like wp-content, wp-includes, uploads, and more.

Ser capaz de proteger las rutas comunes es crítico, porque así conseguirás mantener a los bots hackers alejados de los datos sensibles de tu web.

Esto es crucial y te proporcionará una grata experiencia y resultados perfectos a largo plazo.

Seguro que valdrá la pena, no por mencionar que al ocultar las rutas comunes harás que sea más difícil atacarte.

Si no te proteges tu mismo, acabaras teniendo tarde o temprano una web hackeada.

Esta es una versión gratuita del plugin, por lo que puedes usarlo en todas tus webs sin ninguna restricción.

Asegura tu web en solo unos minutos con el plugin Hide My WP Ghost ¡Protege tu sitio WordPress contra los bots de hackers y los spammers!

Por favor, ayúdanos y traduce el plugin a tu idioma:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp

¡Gracias a todos por vuestra confianza, apoyo y reseñas positivas!

¡Importante! Esta no es una versión nulled del plugin de Codecanyon “Hide My Wp”.

¿Estás Listo para Proteger tu Sitio Web de Hackers con el Plugin de Seguridad más AMIGABLE CON EL USUARIO?

Capturas de pantalla

Hide My WP > Change Paths > Level Of Security
Hide My WP > Change Paths > Admin Security
Hide My WP > Change Paths > Login Security
Hide My WP > Change Paths > Core Security
Hide My WP > Change Paths > API Security
Hide My WP > Firewall > 8G Firewall
Hide My WP > Brute Force > reCaptcha Protection
Hide My WP > Two Factor > 2FA Login
Hide My WP > Mapping > Text Mapping
Hide My WP > Mapping > URL Mapping
Hide My WP > Tweaks > Hide Options
Hide My WP > Tweaks > Redirect Options
Hide My WP > Temporary Login > Logins
New Login Path /newlogin
Old Login Path shows 404 Error /wp-login.php
Old Admin Path shows 404 Error /wp-admin
New custom core paths changed with Hide My WP Ghost

Instalación

Instala manualmente el plugin Hide My WP Ghost Lite:
Paso 1. Accede como administrador a tu web WordPress.
Paso 2. En el menú mostrado a la izquierda, hay una pestaña de ‘Plugins’. Haz clic en ella.
Paso 3. Ahora haz clic en ‘Agregar nuevo’.
Paso 4. Ahí tienes el botón de ‘Subir plugin’. Haz clic en el botón de ‘Subir plugin’.
Paso 5. Sube el archivo hide-my-wp.zip.
Paso 6. Una vez subido, haz clic en Activar plugin.
Paso 7. Conecta el plugin usando tu correo electrónico para obtener un token de acceso gratuito.
Paso 8. Sigue la guía de configuración desde aquí: https://hidemywpghost.com/kb/hide-my-wp-ghost-tutorial/
¡Disfruta!

Instala Hide My WP Ghost Lite desde el directorio de WordPress directamente:
Paso 1. Accede como administrador a tu web WordPress.
Paso 2. En el menú mostrado a la izquierda, hay una pestaña de ‘Plugins’. Haz clic en ella.
Paso 3. Busca ‘Hide My WP’.
Paso 4. Cuando aparezca el plugin, haz clic en Activar Hide My WP Ghost
Paso 5. Conecta el plugin usando tu correo electrónico para obtener un token de acceso gratuito.
Paso 6. Sigue la guía de configuración desde aquí: https://hidemywpghost.com/kb/hide-my-wp-ghost-tutorial/
¡Disfruta!

Base de conocimiento de Hide My WP Ghost:

FAQ

¿Funciona este plugin en WP Multisitio?

Si, el plugin funciona en WP Multisitio y lo podrás configurar en toda la red.

El plugin también funciona con los servidores Apache, NGINX, IIS y LiteSpeed

¿Funciona “Hide My WP Ghost” con Nginx Server?

Si, el Plugin funciona en Nginx Server y serás guiado por los redireccionamientos y los ajustes de nginx.conf.

El plugin también funciona con los servidores Apache, IIS y LiteSpeed

El tema de mi web no está cargando correctamente después de cambiar las rutas. ¿Qué puedo hacer?

Este error parece más de los ajustes de las reglas de reescritura.

Asegúrate de purgar la caché si tienes plugins de caché después de guardar los ajustes de Hide My WP Ghost.
En caso de que los archivos “.htaccess” (para Apache), “nginx.conf” (para NGINX) o “web.config” (para IIS) no tengan permisos de escritura, tendrás que agregar los permisos de reescritura manualmente.
Si tienes un servidor Nginx, asegúrate de recargar el Nginx después de guardar los ajustes.
Si el tema todavía no se está cargando bien, contáctanos y podemos configurar el plugin para ti de forma gratuita.

Podrás encontrar información útil aquí: https://hidemywpghost.com/knowledge-base/

Olvidé las URLs de inicio de sesión y de administración personalizadas. ¿Y ahora qué?

No te asustes.

Todavía puedes acceder a tu sitio con la URL segura que descargaste cuando guardaste los ajustes

¡Bloqueado de mi propio sitio! He configurado el plugin y cuando me desconecté no pude volver a entrar

Renombra el directorio de plugins /wp-content/plugins/hide-my-wp para que los plugins no oculten más la ruta wp-login.php

Accede utilizando http://domainname/wp-login.php y vuelve a activar el plugin.

Asegúrate de recordar el parámetro seguro y será mucho más fácil.

¿Funciona Hide My WP Ghost en una web de WordPress.com?

Because of the Jetpack security in the WordPress.com website, Hide My WP Ghost can’t change the admin and login paths.

Si ya activaste Hide My WP en WordPress.com, elimina el directorio /wp-content/plugins/hide-my-wp para desactivar el plugin.

¿Funciona este plugin si no tengo enlaces permanentes personalizados en mi sitio?

No. Necesitas tener los enlaces permanentes personalizados establecidos en Ajustes > Enlaces permanentes.

Recibirás un aviso en la página de ajustes si algo no está bien configurado.

¿Qué hacer antes de desactivar el plugin?

Es mejor cambiar al modo predeterminado en Ajustes > Hide My WP.

Si no lo haces, el plugin cambiará automáticamente su sitio a las URL seguras y te dirá qué hacer en caso de que no tengas permiso de escritura para los archivos de configuración

¿Este plugin es gratuito?

Sí. Las características básicas del plugin Hide My WP Ghost siempre serán gratuitas.

Incluiremos todas las actualizaciones necesarias de seguridad para WordPress.

Para desbloquear todas las características, por favor visita: Hide My WP – Plan de precios

¿Cómo configurar el plugin en el servidor Nginx?

Por favor, sigue este tutorial paso a paso para configurar Hide My WP Ghost en un servidor Nginx:

Configurar Hide My WP Ghost en Nginx Server
Configurar Hide My WP Ghost en un servidor web Nginx con Servidor Privado Virtual

Instalar Hide My WP en un servidor Kinsta
Instalar Hide My WP en un servidor RunCloud
Instalar Hide My WP en un servidor WPMUDEV
Instalar Hide My WP en un servidor Ploi.io
Instalar Hide My WP en un servidor Flywheel
Instalar Hide My WP en un servidor Amazon AWS Lightsail

¿Cómo ocultar tu web a los detectores de temas de WordPRess?

Cambiar las rutas comunes de WordPress no garantiza que el CMS WordPress esté completamente oculto.

Las rutas antiguas todavía son accesibles y los hackers todavía pueden inyectar SQL y Javascript en plugins y temas vulnerables instalados.

¿El plugin es suficiente para proteger mi sitio web de todos los hackers?

La versión gratuita de Hide My WP Ghost no te protegerá de todos los ataques de hackers. Para mayor seguridad, necesitas la versión premium.

Hide My WP Ghost oculta todas las rutas y patrones comunes utilizados, pero los bots detectan que estás usando WordPress.

¿Cómo puedo cambiar las rutas de WP en el escritorio del administrador?

Por defecto, Hide My Ghost cambia las rutas solo en la vista pública.

No te recomendamos esto, pero si también quieres cambiar la ruta en el escritorio del administrador, agrega esta línea en el archivo wp-config.php.

define('HMW_ALWAYS_CHANGE_PATHS', true);

Guarda los ajustes en Hide My WordPress Ghost y las rutas de WordPress se cambiarán en el escritorio de administración.

¿Cómo eliminar las reglas de reescritura de HMW de WP Definition en .htaccess?

Por defecto, Hide My WP Ghost agrega las reglas de reescritura en 2 lugares de .htaccess para evitar errores cuando otros plugins están borrando las reglas de .htaccess.

Si quieres tener las reglas de reescritura de Hide My WP Ghost solo dentro de #BEGIN HMWP_RULES … #END HMWP_RULES, agrega esta línea en el archivo wp-config.php.

define( 'HMW_RULES_IN_WP_RULES', false );

Guarda los ajustes en Hide My WP > Guarda las rutas y el plugin eliminará las reglas de reescritura de la definición de WordPress #BEGIN WordPress …. #END WordPress

¿Por qué la nueva ruta del administrador está redirigida a la página de inicio?

Por defecto, cuando estableces en modo Ghost de plugin Hide My WP Ghost, solo puedes acceder con la nueva ruta de acceso.

Para activar la opción de acceder a la nueva ruta del administrador y ser redirigido a la nueva ruta de acceso, haz esto:

Cambiar a desactivada la opción Hide My WP > Cambiar las rutas > Seguridad del administrador > Ocultar la nueva ruta del administrador

Una vez que desactives la opción y guardes los ajustes, cuando accedas a la nueva ruta del administrador, se te redirigirá la la nueva ruta de acceso.

Personalizar las rutas en Hide My WP Ghost

Reseñas

emmecappa 26 de Noviembre de 2024

Useful plugin

pplucay 23 de Octubre de 2024

I’m very happy with this plugin, the free version is good, but the premium version is impecable, excellent. If you are doing a business project in internet, and you want to protect your website, this is the plugin. As a business owner I find buying the premium plugin is worth. And the support members of the plugins answer your question in less than a day, and even help you personally. Be safe with this plugin. Pedro L, Chile.

risoneto 7 de Septiembre de 2024 1 respuesta

I’ve been using Hide My WP Ghost for several months now, and it has truly enhanced the security of my WordPress site. The setup process was straightforward, and the plugin provides comprehensive protection by hiding common vulnerabilities. What I love most is how it seamlessly integrates with other security measures without causing any conflicts. The customer support is also top-notch, always ready to assist with any questions. If you’re serious about keeping your site secure, this plugin is a must-have. Highly recommended!

daro2013 3 de Agosto de 2024

Many thanks

daniellacatus 2 de Agosto de 2024

After trying various security plugins for my WordPress sites, I decided to stick with Hide My WP Ghost – Security & Firewall, and I am extremely satisfied with this choice. This plugin has proven to provide comprehensive and efficient protection, allowing me to abandon all other security solutions I used to rely on.

garrigan 1 de Agosto de 2024 1 respuesta

Functioning as advertised and providing proper support are my top criteria.

Leer los 357 comentarios

Colaboradores & Desarrolladores

“Hide My WP Ghost – Seguridad y cortafuegos” es software de código abierto. Las siguientes personas han contribuido a este plugin.

John Darrel

“Hide My WP Ghost – Seguridad y cortafuegos” ha sido traducido en 4 idiomas. Gracias a los traductores por sus contribuciones.

Traduce “Hide My WP Ghost – Seguridad y cortafuegos” a tu idioma.

¿Interesado en el desarrollo?

Revisa el código, echa un vistazo al repositorio SVN, o suscríbete al registro de desarrollo por RSS .

Historial de cambios

5.3.02 (08 Nov 2024)

Update – Compatibility with WP 6.7
Update – Add Brute Force for comments form in Brute Force
Update – Translations
Fix – Issue when changing relative to absolute path in javascript
Fix – Root domain regarding multisite with subdomains
Fix – Compatibility with LiteSpeed CDN domains
Fix – Use WordPress function for all parse url
Fix – Activate firewall by default when Lite mode option is selected
Fix – Compatibility with WP Rocket background CSS loader
Fix – Flush changed to config file when some features are activated in Overview section
Fix – Clear cache for Litespeed plugin when changing is made in the Mapping section
Fix – Activate the Text Mapping in CSS and JS files option for hiding class names like elementor or woocommerce

5.3.01 (07 Oct 2024)

Update – Added Hide My WP Advanced Pack in Plugins suggestion
Update – Added Drupal 11 in CMS simulation
Update – Set 404 Not Found error as default option for hidden paths
Update – The files CSS and JS files from WP 6.6 when Clean Login is selected in Advanced > Compatibility
Update – Added the option to pause the plugin for 5 minutes for testing purposes
Update – Compatibility with WP Rocket Background CSS loader
Update – Map Litespeed cache directory in URL Mapping
Fix – Redirect to homepage the newadmin when user is not logged in
Fix – Remove dynamic CSS and JS when Text Mapping is switched off
Fix – Prevent changing wp-content and wp-includes paths in deep URL location and avoid 404 errors

5.3.00 (20 Sept 2024)

Update – Added New Feature Magic Link Login Without Password in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Code (2FA) in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Email (2FA) in Hide My WP > Overview
Update – Added New Feature Temporary Logins Without Password in Hide My WP > Overview
Update – Compatibility with WP 6.6.2 & 8.3.11
Update – Brute Force compatibility with UsersWP plugin
Update – Cookie set on WP Multisite with subdomains
Update – Brute Force shortcode to work with different login forms
Update – Brute Force shortcode to work with Elementor login form
Fix – Compatibility with Nitrocache
Fix – Compatibility with Squirrly SEO
Fix – Compatibility with Autoptimize
Fix – Compatibility with Woocommerce
Fix – Compatibility with Wordfence
Fix – Security Check on admin url and login url
Fix – Google reCaptcha on frontend popup to load google header if not already loaded
Fix – Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect
Fix – WP Multisite active plugins check to ignore inactive plugins
Fix – Small bugs

5.2.04 (07 July 2024)

Fix – Compatibility with WP 6.6
Fix – Security * Update on wp-login.php and login.php

5.2.03 (04 July 2024)

Update – Added the option to hide the new login path on redirects
Update – Hide login.php path together with wp-login.php path from being redirect to the new login
Update – File permissions check in Security Check to check htaccess and login paths
Fix – Small bugs

5.2.02 (19 June 2024)

Update – Added more path in Frontend Test to make sure the settings are okay before confirmation
Update – Firewall message on blocking process when loading on WP initialization
Update – Compatibility with Wordfence to prevent rewrite rules * Update on security scan
Update – Language translation and typos fixed
Update – Disable click and keys to work without jQuery
Update – Added the option to immediately block a wrong username in Brute Force
Update – Sub-option layouts
Fix – Trim error in cookie when main domain cookie is set
Fix – Filter words in 8G Firewall that might be used in article slugs

5.2.01 (04 June 2024)

Update – Added Firewall blacklist by User Agent
Update – Added Firewall blacklist by Referrer
Update – Added Firewall blacklist by Hostname
Update – Added the option to select the level of access for an IP address in whitelist
Removed – Mysql database permission check as WordPress 6.5 handles DB permissions more secure
Moved – Firewall section was moved to the main menu as includes more subsections
Fix – 8G Firewall compatibility with all page builder plugins
Fix – preg_match warning on firewall.php when checking search engine bots
Fix – Firewall saving process for Whitelist and Blacklist features
Fix – Login access when member plugins are used for login process

5.1.03 (20 May 2024)

Update – Compatibility with WP 6.5.3
Update – Compatibility with WPEngine rules on wp-admin and wp-login.php
Update – Add whitelist paths feature
Update – Select the Whitelist level for IPs and Paths
Fix – Prevent firewall to record all triggered filters as fail attempts
Fix – Remove filter on robots when 8G firewall is active
Fix – Frontend Login Check popup to prevent any redirect to admin panel in popup test
Fix – Prevent redirect the wp-admin to new login when wp-admin path is hidden
Fix – Prevent blocking login page on password protection page when the login path is set by another plugin

5.1.02 (30 Apr 2024)

Update – Security Check verifies the firewall against SQL & Script injection and weak usernames
Update – Font-sizes and layouts
Update – Add support to MyList theme
Update – 7g & 8G firewall to match more WP actions and compatibility with more plugins

5.1.01 (10 Apr 2024)

Update – Added the 8G Firewall filter
Update – Added the required header security for Apache and Nginx
Update – Added the option to block the theme detectors
Update – Added the option to block theme detectors crawlers by IP & agent
Update – Added the option to simulate CMSs like Drupal & Joomla
Update – Added the option on Apache to insert the firewall rules into .htaccess
Fix – Load Firewall on all server types only in frontend to avoid functionality issues in backend
Fix – Avoid loading recaptcha on Password reset link
Fix – Screen 120dpi display layout
Fix – Hide reCaptcha secret key in Settings

5.0.29 (19 Mar 2024)

Update – Compatibility with WP 6.5
Update – Compatibility with CloudPanel & Nginx servers
Update – Compatibility with WordFence scanning
Fix – Hide rest_route only for visitors to avoid errors with builders

5.0.28 (14 Feb 2024)

Compatibility with PHP 8.3 and WP 6.4.3
* Update – Compatibility with Hostinger
* Update – Compatibility with InstaWP
* Update – Compatibility with Solid Security Plugin (ex Solid Security)
* Update – Added the option to block the API call by rest_route param
* Update – Added new detectors in the option to block the Theme Detectors
* Update – Security Check for valid WP paths
* Fix – Don’t load shortcode recapcha for logged users
* Fix – Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers
* Fix – Issue on change paths when WP Multisite with Subcategories
* Fix – Hide rest_route param when Rest API directory is changed
* Fix – Multilanguage support plugins
* Fix – Small bugs & typos

5.0.27 (18 Oct 2023)

Update – Compatibility with WP 6.4.1 & PHP 8.3
Update – Option to create a random suffix number instead of the version number to prevent caching on static files in admin
Fix – Default redirect URL in Tweaks > Redirects
Actualización: Compatibilidad con MainWP Server-Client
Actualización: Compatibilidad con el plugin WPML
Update – Hide rest_route param when Rest API directory is changed
Fix – URL query args sanitization when the rewrite rules are not added correctly in config file
Fix – Specify the jQuery on Disable Click feature
Actualización: Compatibilidad con Hostinger
Actualización: Compatibilidad con InstaWP
Update – Add shortcode on BruteForce [hmwp_bruteforce] for any login form
Fix – Small Bugs

5.0.26 (28 Aug 2023)

Fix – Brute Force Math Recaptcha security
Fix – Compatibility with themes without Brute Force Math Recaptcha

5.0.25 (23 Aug 2023)

Fix – Paths change in feed for logos and links
Fix – Security Check report
Fix – Improved security on login
Fix – Typos & Bugs

5.0.24 (03 July 2023)

Update – Frontend Test to check and show the not found links
Update – Add compatibility with 2FA and Two-Factor plugins for two factor authentication
Update – Add Compatibility with FlyingPress & WPFrontendAdmin
Update – WP functions and notifications for PHP 8.2 compatibility
Update – Add new key combinations in HMWP disable inspect element and view source
Fix – Prevent login redirect when the prevent slowing website is activated

5.0.23 (29 May 2023)

Update – Add the option to connect to the custom login path from Cloud
Update – Compatibility with WP 6.2.2
Fix – Typos and small bugs

5.0.22 (16 May 2023)

Actualización: Agregada compatibilidad con servidores de Cloud Panel
Update – Add compatibility for CMP Coming Soon & Maintenance Plugin by NiteoThemes plugin
Update – Add the option to select the server type if it’s not detected by the server
Update – Add the option to add the rules between the WordPress rewrite rules on Apache/Litespeed servers
Actualización: Compatibilidad con Siteground
Update – Compatibility with Avada when cache plugins are enabled
Fix – Remove the rewrites from WordPress section when the plugin is deactivated
Fix – User roles names display on Tweaks
Fix – Combined the Plugin Loading Hook into one option

5.0.20 (03 May 2023)

Update – File processing when the rules are not set correctly
Update – Security headers default values
Fix – Compatibilities with the last versions of other plugins
Fix – Reduce resource usage on 404 pages

5.0.19 (23 Apr 2023)

Update – Brute Force protection on lost password form
Update – Brute Force protection on Woocommerce (login, signup, lost passowrd)
Update – Compatibility with MemberPress plugin
Fix – My account link on multisite option
Fix – Settings to verify the array values on settings saving process
Fix – Small Bugs

5.0.18 (03 Mar 2023)

Update – Compatibility with WP 6.2
Update – Compatibility with more plugins and themes
Update – Security check when wp-content is customized
Update – File handle for login, signup, logout
Update – Compatibility with PHP 8.2
Update – Remove the atom+xml meta from header
Update – Remove the noredirect param if the redirect is fixed
Update – Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified
Update – Check the rewrite rules on WordPress Automatic updates too
Update – Add the option to disable HMWP Ghost custom paths for the whitelisted IPs
Update – Save all section on backup restore
Update – Add the option to remove the sitemap style as a separate option from changing the paths in Sitemap.

5.0.17 (19 Dec 2022)

Update – Compatibility with WP 6.1
Update – Remove the noredirect param if the redirect is fixed
Update – Update the verification of the XML and TXT URI
Update – Get the correct login URL when backend URL is different from frontend URL
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – White screen on iphone > safari when disable inspect element option is on
Fix – To remove the version from URL even if the ‘ver’ param doesn’t have any value
Fix – Typo in Security Check

5.0.16 (21 Oct 2022)

Update – Add the Brute Force protection on Register Form to prevent account spam
Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
Update – Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins
Update – Compatibility with LiteSpeed servers and last version of WordPress
Update – Compatibility with Breakdance plugin
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2
Fix – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
Fix – Remove the get_site_icon_url hook to avoid any issue on the login page with other themes
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Fix – Fixed the ltrim of null error on PHP 8.1 for site_url() path

5.0.15 (06 Sept 2022)

Fix – URL Mapping for Nginx servers to prevent 404 pages
Fix – PHP error in Security Check when the X-Powered-By header is not string
Fix – Compatibility with Wp-Rocket last version
Fix – Brute force math issue on woocommerce login when third party woocommerce logins
Fix – Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo
Fix – Compatibility with ShortPixel webp extension when Feed Security is enabled
Update – Compatibility with Nicepage Builder plugin
Update – Compatibility with WP 6.0.2

5.0.14 (17 June 2022)

Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with WordPress 6.0
Update – Add the option to automatically redirect to admin when access the login page and the user is logged
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new site is created
Fix – Avoid showing 404 error on Litespeed WP Multisite when a new taxonomy is created
Fix – Brute force math security when the math field is deleted
Fixed the hidden URLs process

5.0.13 (03 May 2022)

Update – Compatibility with WordPress 5.9.3
Update – Compatibility with BackUpWordPress plugin
Update – Compatibility with Themify theme
Fix – Added the URI in the redirected URL
Fix – Compatibility with LiteSpeed cache plugin

5.0.12 (08 Mar 2022)

Update – Added compatibility with Backup Guard Plugin
Update – Prevent affecting the cron processes on Wordfence & changing the paths during the cron process
Update – Change the WP-Rocket cache files on all subsites for WP Multisite
Update – Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain
Update – Compatibility with WordPress 5.9.1
Fix – Change Paths for Logged Users issue
Fix – Show the feature icon in the feature list
Fix – Show all the rewrite paths for WpEngine with PHP >7.4
Fix – Frontend test when the plugins paths are not changed

5.0.11 (22 Feb 2022)

Update – Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection
Update – Fixed the menu hidden issue when other security plugins are active
Update – Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated
Update – Compatibility with Buy Me A Coffee plugin
Fix – Library loading ID in HMWP Ghost

5.0.10 (17 Feb 2022)

Update – Added new option in Login Security: Hide the language switcher option on the login page
Update – Added the option to reset all settings to default
Update – Added the Ctrl + Shift + C restriction when Inspect Element option is active
Update – Added the features text for translation
Update – Added Firewall & Headers option
Update – Added the option to ignore the notifications and avoid repeating alerts
Update – Added the option to disable Right-Click for logged users and user roles
Update – Added the option to disable Inspect Element for logged users and user roles
Update – Added the option to disable View Source for logged users and user roles
Update – Added the option to disable Copy/Paste for logged users and user roles
Update – Added the option to disable Drag/Drop for logged users and user roles
Update – Add the option to hide the wp-admin path for non-admin users
Update – Compatibility with Namecheap hosting
Update – Compatibility with Ploi.io
Update – Compatibility with WordPress 5.9
Update – Compatibility with Coming Soon & Maintenance Mode PRO
Update – Compatibility with Advanced Access Manager (AAM) plugin
Update – Compatibility with WPS Hide Login
Update – Compatibility with JobCareer theme
Update – Compatibility with Wordfence Security Scan when the wp-admin is hidden
Update – Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin
Update – Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin
Update – Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers
Update – Compatibility with Nitropack
Update – Compatibility with OptimizePress Dashboard
Update – Compatibility with Bricks Builder
Update – Compatibility with Zion Builder
Update – Compatibility with MainWP
Update – Compatibility with Limit Login Attempts Reloaded
Update – Compatibility with Loginizer
Update – Compatibility with Shield Security
Update – Compatibility with iThemes Security
Update – Compatibility with Smush plugin
Update – Compatibility with Wordfence 2FA when reCaptcha is active
Update – Added compatibility with JCH Optimize 3 plugin
Update – Added compatibility with Oxygen 3.8 plugin
Update – Added compatibility with WP Bakery plugin
Update – Added compatibility with Bunny CDN plugin
Update – Update compatibility with Manage WP plugin
Update – Update compatibility with the Autoptimize plugin
Update – Update compatibility with Breeze plugin
Update – Update compatibility with Cache Enabler plugin
Update – Update compatibility with CDN Enabler plugin
Update – Update compatibility with Comet Cache plugin
Update – Update compatibility with the Hummingbird plugin
Update – Update compatibility with Hyper Cache plugin
Update – Update compatibility with the Litespeed Cache plugin
Update – Update compatibility with the Power Cache plugin
Update – Update compatibility with the W3 Total Cache plugin
Update – Update compatibility with WP Fastest Cache plugin
Update – Update compatibility with the iThemes plugin
Update – Added compatibility with Hummingbird Performance plugin
Update – Advanced Text Mapping to work with Page Builders in admin
Update – Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins
Update – Translate the plugin into more languages
Update – Select the cache directory if there is a custom cache directory set in the cache plugin
Update – Show the change in cache files option for more cache plugins
Update – Removed the WordPress title tag from login/register pages
Fix – Brute Force blocking Wordfence Cron Job
Fix – Infinite loop when POST action on unknown paths
Fix – Remove the login URL from the logo on the custom login page
Fix – Set Filesystem to direct connection for file management
Fix – Don’t show the rewrite alert messages if nothing was changed in HMWP

4.1.11 (24 Ian 2022)

Update – Compatibility with WordPress 5.9
Fix compatibility with other plugins

4.1.10 (24 Nov 2021)

Update – Compatibility with WordPress 5.8.2
Update – Remove the style in Sitemap XML for Nginx Servers
Update – Compatibility with Zion Builder
Update – Compatibility with Bricks builder
Fix – Don’t load the paths while in Theme Customization

4.1.09 (08 Sept 2021)

Update – Compatibility with WordPress 5.8
Update – Website information https://hidemywpghost.com
Update – Set website logo on login page when option Hide My WP > Advanced > Clean Login is set
Update – Set change paths to work with different domain ports
Update – Compatibility with MainWP
Update – Compatibility with Limit Login Attempts Reloaded
Update – Compatibility with Loginizer
Update – Compatibility with Shield Security
Update – Compatibility with Solid Security
Update – Added compatibility with JCH Optimize 3 plugin
Update – Added compatibility with Oxygen 3.8 plugin
Update – Added compatibility with WP Bakery plugin
Update – Added compatibility with Bunny CDN plugin
Update – Update compatibility with Manage WP plugin
Update – Update compatibility with Autoptimize plugin
Update – Update compatibility with Breeze plugin
Update – Update compatibility with Cache Enabler plugin
Update – Update compatibility with CDN Enabler plugin
Update – Update compatibility with Comet Cache plugin
Update – Update compatibility with Hummingbird plugin
Update – Update compatibility with Hyper Cache plugin
Update – Update compatibility with Litespeed Cache plugin
Update – Update compatibility with Power Cache plugin
Update – Update compatibility with W3 Total Cache plugin
Update – Update compatibility with WP Fastest Cache plugin
Update – Update compatibility with Solid plugin
Fix – Password strength error on custom login reset password
Fix – Remove only the wordpress prefetch from source code and not other domains
Fix – Plugin uninstall issue because of missing contact HMW_VERSION

4.1.08 (18 June 2021)

Fix – Update the jetPack tracking script
Fix – Show plugin settings calling the plugin to hook correctly
Fix – Warning: Constants may only evaluate scalar values in hide-my-wp/config/config.php on line 107
Fix – Removed the memory limit verification
Fix – Add a warning for memory under 64MB
Fix – Fixed the <?PHP warning in Permalinks at the end of the file

4.1.07 (19 May 2021)

Update – Compatibility with WordPress 5.7.2
Update – Added compatibility with Oxygen Builder
Update – Added compatibility with Thrive Architect Builder
Update – Added compatibility with Gravity

4.1.06 (26 April 2021)

Update – Added compatibility with builders Oxygen, Elementor, Thrive, Bricks
Update – Added extra security in the backend
Update – Added the option to prevent WordPress redirects and slow the website speed when the config rules are not loading
Fix – Brute Force warning when blocks the IP in function get_blocked_ips
Fix – Changed the form submission action read due to config.json file permission on some servers

4.1.05 (15 Feb 2021)

Update – Update Security for the last updates and WP requirements
Update – Optimize JS library from third-party plugins
Update – Let Hide My WP Settings load if the Permalink Structure is /?p=123
Update – Added 403 Error Code option for the wp-admin and wp-login.php redirects
Fix – Compatibility with PHP 8.0 with deprecated functions
Fix – Compatibility with the Flywheel hosting server and custom Nginx config location
Fix – Hide My WP > Security Check UI
Fix – Filesystem error when the library is not correctly loaded
Fix – Change paths in Login page when Late Loading is active
Fix – Change the WordPress login logo when Clean Login Page is active
Fix – Compatibility with WordPress 5.7

4.1.04 (23 Ian 2021)

Update – Added compatibility for AppThemes Confirm Email
Update – Compatibility with PPress plugin on Login Page and Logout Page
Update – Compatibility with SiteGround Cache plugin
Update – Compatibility warning with W3 Total Cache Lazy Load
Update – Security Check to hide readme.html, license.txt, and other common files

4.1.03 (11 Dec 2020)

Update – The rules update on adding a new plugin or theme
Update – Added compatibility for AppThemes Confirm Email
Fix – Rollback the settings when pressing the Abort button
Fix – Fixed Backup/Restore rules flash
Fix – Add the correct text direction for WPML while in Posts and Pages
Fix – Compatibility with WordPress 5.6

4.1.02 (11 Oct 2020 )

Update – Compatibility with Manage WP plugin
Update – Added the option to disable the REST API wp-json in Hide My WP – Permalinks
Update – Add the plugin as Must Use plugin for better security and compatibility with other plugins
Update – Compatibility with Really Simple SSL plugin
Update – New UX for better understanding of the redirects in Hide My WP > Tweaks
Update – Compatibility with WPML when setting custom wp-admin and admin-ajax
Update – Compatibility with WPML when RTL languages are set in the dashboard
Update – Compatibility with bbPress plugin
Update – Compatibility with JetPack plugin
Update – Compatibility with Newspaper theme on XMLWPC.php access
Update – Added Compatibility with WP 5.5.3

4.1.01 (26 Oct 2020 )

Update – Extra caching in .htaccess when “Optimize CSS and JS Files” is activated
Update – Do not cache if already cached by WP-Rocket or WP Fastest Cache
Update – Added Login and Logout redirects for each user role
Update – New UX for better understanding of the redirects
Fix – 404 error on Nxing server when updating the settings

4.0.12 (01 Oct 2020 )

Update – Added compatibility with Pro Theme by Themeco
Update – Added compatibility with Smush PRO by WPMU DEV
Update – Added compatibility for WP Client plugin by WP-Client.com
Update – Header removals for theme detectors

4.0.11 (03 Sept 2020 )

Update – Remove version parameter from CSS and JS URLs containing the plus sign
Update – Added {rand} in Text Mapping to show random string on change
Update – Added {blank} in Text Mapping to show an empty string on change
Update – Compatibility with last version WP Fastest Cache plugin
Fix – Added a fix for noredirect param on infinite loops
Fix – Load the 404 not found files correctly

4.0.10 (31 Aug 2020 )

Fixed some errors caused by the last version
Fix – Saving options in Mapping, Tweaks, and Advanced when followed by Permalinks Changing abort

4.0.09 (27 Aug 2020 )

Update – Added the version hook to remove the versions from CSS and JS
Update – Load the login on WPEngine server with PHP7.4 when the login is set as /login
Update – Detect Flywheel server and add the rules accordingly
Update – Compatibility with Solid Security on custom login

4.0.08 (13 Aug 2020 )

Update – WordPress Security Updates for WP 5.5
Update – Compatibility with WPML
Update – Compatibility with the last versions of the popular plugins

4.0.07 (06 Aug 2020 )

Update – Added the option to hide /login and /wp-login individually
Update – Added the option to redirect to a custom URL on logout
Small Bugs Fix

4.0.06 (09 July 2020 )

Update – Compatibility with WPEngine + PHP 7
Update – Compatibility with Absolutely Glamorous Custom Admin plugin
Update – Compatibility with Admin Menu Editor Pro plugin
Fix – Small CSS & Warning issues

4.0.05 (30 June 2020 )

Update – Compatibility with WPEngine with PHP 7.4
Update – Compatibility with the cache plugins (tested the latest versions)
Update – The Security Check report task
Update – Plugin security on Security Check
Update – The plugins list in Hide My WP
Fix – Removed the map URL from bootstrap CSS and JS
Fix – CSS in Hide My WP Settings

4.0.04 (16 June 2020 )

Update – Added HMW_RULES_IN_CONFIG and HMW_RULES_IN_WP_RULES to control the rules in the config file
HMW_RULES_IN_CONFIG will add the rules at the top of the config file (default true)
HMW_RULES_IN_WP_RULES will add the rules in the WordPress config area (default true)
Update – Change the rewrite hook to make sure the rules are added in the WordPress rewrites before flushing them
Update – Compatibility with Solid Security plugin

4.0.03 (04 June 2020)

Update – RTL Support
Update – Brute Force Protection Filter
Update – Compatibility with more cache plugins like Hummingbird and Cachify
Update – Alert when the rewrites are not added correctly in the config file
Update – WordPress Security Updates for WP 5.4.1
Fix – Small CSS fixes

4.0.02 (04 May 2020)

Fix – login redirect for nginx server
Fix – constant warning NONCE_KEY in confi.php
Update – Compatibility with WordFence

= …

Useful

Highly recommended, best on the solution

Amazing Security Plugin!

Very Powerful Security Plugin

I highly recommend Hide My WP Ghost – Security & Firewall

The product functions as advertised, and the support team resolves issues.