Descripción
¡Aumenta la seguridad de tu WordPress con el plugin Hide My WP Ghost!
Hide My WP Ghost es un plugin de seguridad para WordPress para la prevención de hackeos. Con funciones potentes y fáciles de usar, aumenta la seguridad de tu sitio sin alterar ningún directorio ni archivo.
Join over 100,000 secured websites with Hide My WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks.
Key features include powerful protection against:
- Ataques de fuerza bruta
- Ataques de inyección de SQL
- Script Injection Attacks
- XML-RPC attacks
- File Inclusion
- Malware injection
- Cross-Site Scripting (XSS)
- Throttling of Access Attempts to Entry Points
- y más
¡Protege tu sitio hoy mismo! Hide My WP Ghost oculta todas las rutas comunes de los hackers, protegiendo todos tus plugins y temas de manera efectiva
YouTube – Por qué deberías tener Hide My WP
Hide My WP Ghost incluye más de 45 características de seguridad:
Change and Hide Paths:
- Ocultar el archivo wp-admin de WordPress, y mostrar un error 404 o una página personalizada
- Ocultar el archivo wp-login.php de WordPress, y mostrar un error 404 o una página personalizada
- Change the wp-admin and wp-login URLs
- Cambia la URL de contraseña perdida
- Cambia la URL de registro
- Cambia la URL de cierre de sesión
- Cambia la URL de activación
- Cambiar la URL de admin-ajax
- Cambiar la URL de wp-content
- Cambiar la URL de wp-includes
- Cabiar la URL de las subidas
- Cambiar la URL de los comentarios
- Cambiar la URL de autor
- Cambiar la URL de los plugins
- Cambiar el nombre de los plugins
- Cambiar la URL de los temas
- Cambiar el nombre de los temas
- Nombre del archivo «style.css» del tema personalizado
- Cambiar la URL de wp-jason en la API REST
- Cambiar la URL de categoría
Cambiar la URL de las etiquetas
Redirecciones personalizadas de acceso en el perfil de usuario
Personalizar las redirecciones de salida basadas en el perfil de usuario
Cambiar las URLs de relativas a absolutas
- Cambiar las URLs en las llamadas de ajax
- Cambiar las URLs para usuarios conectados
- Cambiar las URLs en los archivos de caché
- Cambiar las rutas en Sitemap.xml
- Cambiar las rutas en Robots.txt
Firewall:
- Two-factor Authentication By Code (2FA)
- Two-factor Authentication By Email (2FA)
- Cabecera de seguridad contra las inyecciones XSS y de código
- Cabecera de seguridad Strict-Transport-Security
- Cabecera de seguridad Content-Security-Policy
- Cabecera de seguridad X-XSS-Protection
- Cabecera de seguridad X-Content-Type-Options
- Cabecera de seguridad X-Frame-Options
- Cortafuegos contra inyecciones de Script y SQL
- Filtro de seguridad de 7G Firewall
- 8G Firewall Security Filter
- Block by IP Addresses
- Block by User Agents
- Block by Referrers
- Block by Hostnames
- Hide Website from Theme Detectors
Ocultar opciones:
- Ocultar la ruta /wp-admin
- Ocultar la ruta /wp-login
- Ocultar la ruta /login
- Ocultar la ruta de wp-json de la API REST
- Ocultar la barra de herramientas del administrador en el perfil del usuario
- Ocultar IDs de estilos y meta
- Ocultar los comentarios HTML de WordPress
- Ocultar la versión y las etiquetas de WordPress
- Ocultar el enlace de precarga de DNS de WordPress
- Ocultar la meta generator de WordPress
- Ocultar encabezado de RSD (Really Simple Directory)
- Ocultar los emoticonos si no los utilizas
Desactivar las opciones:
- Desactivar el acceso a la API REST
- Desactivar el acceso por XML-PRC
- Desactivar los scripts incrustadas
- Deshabilitar DB-Debug en Frontend
- Desactivar los scripts de WLW Manifest
- Desactivar Seleccionar todo – Ctrl+A (Windows y Linux), ⌘+A (macOS)
- Desactivar Copiar – Ctrl+C (Windows y Linux), ⌘+C (macOS)
- Desactivar Cortar – Ctrl+X (Windows y Linux), ⌘+X (macOS)
- Desactivar Pegar – Ctrl+V (Windows y Linux), ⌘+V (macOS)
- Desactivar Guardar – Ctrl+S (Windows y Linux), ⌘+S (macOS)
- Desactivar «Inspeccionar elemento/Herramienta de desarrollador» – Ctrl+Shift+C (Windows y Linux),⌥+⌘+C (macOS)
- Desactivar «Ver código fuente» – Ctrl+U (Windows y Linux), Alt+⌘+U (macOS)
- Desactivar el clic derecho
- Desactivar arrastrar y soltar
- Desactivar el arrastre de imágenes con el ratón
- Desactivar la selección de texto
- Desactivar la exploración del directorio
Asignación de texto y URLs:
- Cambiar las URLs usando la asignación de URL
- Cambiar las clases usando la asiganación de texto
- Cambia las URLs del CDN usando la asignación de CDN
- Cambia las rutas en los archivos de caché
- Cambiar las rutas en el enlace del feed
- Cambia las rutas en el Sitemap XML
- Cambia las rutas en el Robots.txt
Protección contra fuerza bruta:
- Protección de fuerza bruta con Math reCAPTCHA
- Protección contra fuerza bruta con Google reCaptcha V2
- Protección de fuerza bruta con Google reCAPTCHA V3
- Brute Force Protection on Password Lost
- Brute Force Protection on Signup
- Brute Force Protection on Woocommerce Login
- Brute Force Protection shortcode [hmwp_bruteforce]
- Personalizar mensajes, tiempo de espera e intentos
- Gestionar listas negra y blanca de IPs
Extra Features:
- Magic Link Login Without Password
- Temporary Logins Without Password
- Corregir las URLs relativas
- Ajustes de copia de seguridad y restauración
- Cambiar las clases en el código fuente usando la asignación de texto
- Cambiar las URLs en el código fuente usando la asignación de URL
- Cachear CSS, JS e imágenes para optimizar la velocidad de carga
- Comprobaciones e informes de seguridad semanales
Integraciones:
- Compatibilidad con WP Multisitio
- Compatible con Nginx
- Compatible con IIS
- Compatible con LiteSpeed
- Compatible con Apache
- Es compatible con Siteground
- Compatible con WP Engine
- Es compatible con el alojamiento de AWS
- Compatible con el alojamiento Inmotion
- Compatible con el alojamiento de Hostgator
- Compatible con el alojamiento de Godaddy
- Compatible con Host1plus
- Compatible con Payperhost
- Compatible con Fastcomet
- Compatible con Dreamhost
- Copatible con Bitnami Apache
- Compatible con Bitnami Nginx
- Compatible con el alojamiento Google Cloud
- Compatible con el alojamiento Litespeed
- Support for Flywheels Local
- Compatible con el alojamiento Flywheels
- Es compatible con el alojamiento de Ploi
- Es compatible con el alojamiento de Namecheap
- Es compatible con el alojamiento de RunCloud
- Es compatible con el alojamiento de WPEngine
Es compatible con el alojamiento de CloudPanel
Recomendado por WP Rocket
- Recomendado por WPML
Mira todas las características de seguridad GRATUITAS:
Características gratuitas de Hide My WPPremium Security Features (over 70):
- Hide WordPress Common Paths by Extension
- Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log
- Events/Actions Monitoring (Cloud Backup)
- Brute Force Monitoring (Cloud Backup)
- Geo Security
- Country Blocking
- Files Permission Fix
- Database Prefix Fix
- SALT keys Fix
- and more
Hide My WP Premium Feature
Hide My WP Ghost es compatible con todos los tipos de servidores y servicios de alojamiento, y también es compatible con WP multisitio.
Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS.
Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud
Actualizaciones de compatibilidad con plugins: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack,
Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP,
All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security,
Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, y más
Lista de plugins compatibles: Plugins compatibles con Hide My WP
Lista de temas compatibles: Temas compatibles con Hide My WP
Hide My WP Ghost cambia y oculta las rutas comunes de WP, administración y rutas acceso, rutas de plugins y rutas de temas, protegiendo tu sitio de los bots hackers.
Nota: no se alteran físicamente archivos ni directorios. Todos los cambios se implementan mediante reglas de reescritura del servidor, asegurando que no haya impacto en el SEO ni en la velocidad de carga.
El plugin funciona junto a otros plugins de seguridad como Wordfence, Solid Security, Sucuri y añade una capa de seguridad contra los bots de hackers a tu web WordPress.
Check the Demo Website source code:
https://demo.wpplugins.tips/
(the elementor is changed in files and classes using the PRO version)Check the Redirected URLs in Demo Website (all are redirected to Front Page):
https://demo.wpplugins.tips/wp-admin
https://demo.wpplugins.tips/wp-loginCheck the Hidden Common Paths in Demo Website (all show 404 Page Not Found):
https://demo.wpplugins.tips/wp-content
https://demo.wpplugins.tips/wp-content/plugins
https://demo.wpplugins.tips/wp-content/themes
Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs.
Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike.
For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself.
¿Es seguro tu sitio web? Comprueba tu sitio web con la comprobación gratuita de la seguridad del sitio web
Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, login, wp-signup.php, and change the common WordPress paths like wp-content, wp-includes, uploads, and more.
Ser capaz de proteger las rutas comunes es crítico, porque así conseguirás mantener a los bots hackers alejados de los datos sensibles de tu web.
Esto es crucial y te proporcionará una grata experiencia y resultados perfectos a largo plazo.
Seguro que valdrá la pena, no por mencionar que al ocultar las rutas comunes harás que sea más difícil atacarte.
Si no te proteges tu mismo, acabaras teniendo tarde o temprano una web hackeada.
Esta es una versión gratuita del plugin, por lo que puedes usarlo en todas tus webs sin ninguna restricción.
Asegura tu web en solo unos minutos con el plugin Hide My WP Ghost ¡Protege tu sitio WordPress contra los bots de hackers y los spammers!
Por favor, ayúdanos y traduce el plugin a tu idioma:
https://translate.wordpress.org/projects/wp-plugins/hide-my-wp
¡Gracias a todos por vuestra confianza, apoyo y reseñas positivas!
Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin.
¿Estás Listo para Proteger tu Sitio Web de Hackers con el Plugin de Seguridad más AMIGABLE CON EL USUARIO?
Capturas
Instalación
Instala manualmente el plugin Hide My WP Ghost Lite:
Paso 1. Accede como administrador a tu web WordPress.
Paso 2. En el menú mostrado a la izquierda, hay una pestaña de ‘Plugins’. Haz clic en ella.
Paso 3. Ahora haz clic en ‘Añadir nuevo’.
Paso 4. Ahí tienes el botón de ‘Subir plugin’. Haz clic en el botón de ‘Subir plugin’.
Paso 5. Sube el archivo hide-my-wp.zip.
Paso 6. Una vez subido, haz clic en Activar plugin.
Paso 7. Conecta el plugin usando tu correo electrónico para obtener un token de acceso gratuito.
Paso 8. Sigue la guía de configuración desde aquí: https://hidemywpghost.com/kb/hide-my-wp-ghost-tutorial/
¡Disfruta!
Instala Hide My WP Ghost Lite desde el directorio de WordPress directamente:
Paso 1. Accede como administrador a tu web WordPress.
Paso 2. En el menú mostrado a la izquierda, hay una pestaña de ‘Plugins’. Haz clic en ella.
Paso 3. Busca ‘Hide My WP’.
Paso 4. Cuando aparezca el plugin, haz clic en Activar Hide My WP Ghost
Paso 5. Conecta el plugin usando tu correo electrónico para obtener un token de acceso gratuito.
Paso 6. Sigue la guía de configuración desde aquí: https://hidemywpghost.com/kb/hide-my-wp-ghost-tutorial/
¡Disfruta!
FAQ
-
¿Funciona este plugin en WP Multisitio?
-
Si, el plugin funciona en WP Multisitio y lo podrás configurar en toda la red.
El plugin también funciona con los servidores Apache, NGINX, IIS y LiteSpeed
-
¿Funciona “Hide My WP Ghost” con Nginx Server?
-
Si, el Plugin funciona en Nginx Server y serás guiado por los redireccionamientos y los ajustes de nginx.conf.
El plugin también funciona con los servidores Apache, IIS y LiteSpeed
-
El tema de mi web no está cargando correctamente después de cambiar las rutas. ¿Qué puedo hacer?
-
Este error parece más de los ajustes de las reglas de reescritura.
- Asegúrate de purgar la caché si tienes plugins de caché después de guardar los ajustes de Hide My WP Ghost.
- En caso de que los archivos «.htaccess» (para Apache), «nginx.conf» (para NGINX) o «web.config» (para IIS) no tengan permisos de escritura, tendrás que añadir los permisos de reescritura manualmente.
- Si tienes un servidor Nginx, asegúrate de recargar el Nginx después de guardar los ajustes.
- Si el tema todavía no se está cargando bien, contáctanos y podemos configurar el plugin para ti de forma gratuita.
Podrás encontrar información útil aquí: https://hidemywpghost.com/knowledge-base/
-
Olvidé las URLs de inicio de sesión y de administración personalizadas. ¿Y ahora qué?
-
No te asustes.
Todavía puedes acceder a tu sitio con la URL segura que descargaste cuando guardaste los ajustes
-
¡Bloqueado de mi propio sitio! He configurado el plugin y cuando me desconecté no pude volver a entrar
-
Renombra el directorio de plugins /wp-content/plugins/hide-my-wp para que los plugins no oculten más la ruta wp-login.php
Accede utilizando http://domainname/wp-login.php y vuelve a activar el plugin.
Asegúrate de recordar el parámetro seguro y será mucho más fácil.
-
¿Funciona Hide My WP Ghost en una web de WordPress.com?
-
Because of the Jetpack security in the WordPress.com website, Hide My WP Ghost can’t change the admin and login paths.
Si ya activaste Hide My WP en WordPress.com, elimina el directorio /wp-content/plugins/hide-my-wp para desactivar el plugin.
-
¿Funciona este plugin si no tengo enlaces permanentes personalizados en mi sitio?
-
No. Necesitas tener los enlaces permanentes personalizados establecidos en Ajustes > Enlaces permanentes.
Recibirás un aviso en la página de ajustes si algo no está bien configurado.
-
¿Qué hacer antes de desactivar el plugin?
-
Es mejor cambiar al modo predeterminado en Ajustes > Hide My WP.
Si no lo haces, el plugin cambiará automáticamente su sitio a las URL seguras y te dirá qué hacer en caso de que no tengas permiso de escritura para los archivos de configuración
-
¿Este plugin es gratuito?
-
Sí. Las características básicas del plugin Hide My WP Ghost siempre serán gratuitas.
Incluiremos todas las actualizaciones necesarias de seguridad para WordPress.
Para desbloquear todas las características, por favor visita: Hide My WP – Plan de precios
-
¿Cómo configurar el plugin en el servidor Nginx?
-
Por favor, sigue este tutorial paso a paso para configurar Hide My WP Ghost en un servidor Nginx:
Configurar Hide My WP Ghost en Nginx Server
Configurar Hide My WP Ghost en un servidor web Nginx con Servidor Privado VirtualInstalar Hide My WP en un servidor Kinsta
Instalar Hide My WP en un servidor RunCloud
Instalar Hide My WP en un servidor WPMUDEV
Instalar Hide My WP en un servidor Ploi.io
Instalar Hide My WP en un servidor Flywheel
Instalar Hide My WP en un servidor Amazon AWS Lightsail -
¿Cómo ocultar tu web a los detectores de temas de WordPRess?
-
Cambiar las rutas comunes de WordPress no garantiza que el CMS WordPress esté completamente oculto.
Las rutas antiguas todavía son accesibles y los hackers todavía pueden inyectar SQL y Javascript en plugins y temas vulnerables instalados.
Read more: How to Hide Your Site From WordPress Theme Detectors
-
¿El plugin es suficiente para proteger mi sitio web de todos los hackers?
-
La versión gratuita de Hide My WP Ghost no te protegerá de todos los ataques de hackers. Para mayor seguridad, necesitas la versión premium.
Hide My WP Ghost oculta todas las rutas y patrones comunes utilizados, pero los bots detectan que estás usando WordPress.
-
¿Cómo puedo cambiar las rutas de WP en el escritorio del administrador?
-
Por defecto, Hide My Ghost cambia las rutas solo en la vista pública.
No te recomendamos esto, pero si también quieres cambiar la ruta en el escritorio del administrador, añade esta línea en el archivo wp-config.php.
define('HMW_ALWAYS_CHANGE_PATHS', true);
Guarda los ajustes en Hide My WordPress Ghost y las rutas de WordPress se cambiarán en el escritorio de administración.
-
¿Cómo eliminar las reglas de reescritura de HMW de WP Definition en .htaccess?
-
Por defecto, Hide My WP Ghost añade las reglas de reescritura en 2 lugares de .htaccess para evitar errores cuando otros plugins están borrando las reglas de .htaccess.
Si quieres tener las reglas de reescritura de Hide My WP Ghost solo dentro de #BEGIN HMWP_RULES … #END HMWP_RULES, añade esta línea en el archivo wp-config.php.
define( 'HMW_RULES_IN_WP_RULES', false );
Guarda los ajustes en Hide My WP > Guarda las rutas y el plugin eliminará las reglas de reescritura de la definición de WordPress #BEGIN WordPress …. #END WordPress
-
¿Por qué la nueva ruta del administrador está redirigida a la página de inicio?
-
Por defecto, cuando estableces en modo Ghost de plugin Hide My WP Ghost, solo puedes acceder con la nueva ruta de acceso.
Para activar la opción de acceder a la nueva ruta del administrador y ser redirigido a la nueva ruta de acceso, haz esto:
Cambiar a desactivada la opción Hide My WP > Cambiar las rutas > Seguridad del administrador > Ocultar la nueva ruta del administrador
Una vez que desactives la opción y guardes los ajustes, cuando accedas a la nueva ruta del administrador, se te redirigirá la la nueva ruta de acceso.
Reseñas
Colaboradores y desarrolladores
«Hide My WP Ghost – Seguridad y cortafuegos» es un software de código abierto. Las siguientes personas han colaborado con este plugin.
Colaboradores«Hide My WP Ghost – Seguridad y cortafuegos» está traducido en 3 idiomas. Gracias a los traductores por sus contribuciones.
Traduce «Hide My WP Ghost – Seguridad y cortafuegos» a tu idioma.
¿Interesado en el desarrollo?
Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.
Registro de cambios
5.3.01 (07 Oct 2024)
Update – Added Hide My WP Advanced Pack in Plugins suggestion
Update – Added Drupal 11 in CMS simulation
Update – Set 404 Not Found error as default option for hidden paths
Update – the files CSS and JS files from WP 6.6 when Clean Login is selected in Advanced > Compatibility
Update – Added the option to pause the plugin for 5 minutes for testing purposes
Fixed – Redirect to homepage the newadmin when user is not logged in
5.3.00 (20 Sept 2024)
Update – Added New Feature Magic Link Login Without Password in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Code (2FA) in Hide My WP > Overview
Update – Added New Feature Two-factor Authentication By Email (2FA) in Hide My WP > Overview
Update – Added New Feature Temporary Logins Without Password in Hide My WP > Overview
Update – Compatibility with WP 6.6.2 & 8.3.11
Update – Brute Force compatibility with UsersWP plugin
Update – Cookie set on WP Multisite with subdomains
Update – Brute Force shortcode to work with different login forms
Update – Brute Force shortcode to work with Elementor login form
Fixed – Compatibility with Nitrocache
Fixed – Compatibility with Squirrly SEO
Fixed – Compatibility with Autoptimize
Fixed – Compatibility with Woocommerce
Fixed – Compatibility with Wordfence
Fixed – Security Check on admin url and login url
Fixed – Google reCaptcha on frontend popup to load google header if not already loaded
Fixed – Hide New Login Path to allow redirects from custom paths: lost password, signup and disconnect
Fixed – WP Multisite active plugins check to ignore inactive plugins
Fixed – Small bugs
5.2.04 (07 July 2024)
Fixed – Compatibility with WP 6.6
Fixed – Security update on wp-login.php and login.php
5.2.03 (04 July 2024)
Update – Added the option to hide the new login path on redirects
Update – Hide login.php path together with wp-login.php path from being redirect to the new login
Update – File permissions check in Security Check to check htaccess and login paths
Fixed – Small bugs
5.2.02 (19 June 2024)
Update – Added more path in Frontend Test to make sure the settings are okay before confirmation
Update – Firewall message on blocking process when loading on WP initialization
Update – Compatibility with Wordfence to prevent rewrite rules update on security scan
Update – Language translation and typos fixed
Update – Disable click and keys to work without jQuery
Update – Added the option to immediately block a wrong username in Brute Force
Update – Sub-option layouts
Fixed – Trim error in cookie when main domain cookie is set
Fixed – Filter words in 8G Firewall that might be used in article slugs
5.2.01 (04 June 2024)
Update – Added Firewall blacklist by User Agent
Update – Added Firewall blacklist by Referrer
Update – Added Firewall blacklist by Hostname
Update – Added the option to select the level of access for an IP address in whitelist
Removed – Mysql database permission check as WordPress 6.5 handles DB permissions more secure
Moved – Firewall section was moved to the main menu as includes more subsections
Fixed – 8G Firewall compatibility with all page builder plugins
Fixed – preg_match warning on firewall.php when checking search engine bots
Fixed – Firewall saving process for Whitelist and Blacklist features
Fixed – Login access when member plugins are used for login process
5.1.03 (20 May 2024)
Update – Compatibility with WP 6.5.3
Update – Compatibility with WPEngine rules on wp-admin and wp-login.php
Update – Add whitelist paths feature
Update – Select the Whitelist level for IPs and Paths
Fixed – Prevent firewall to record all triggered filters as fail attempts
Fixed – Remove filter on robots when 8G firewall is active
Fixed – Frontend Login Check popup to prevent any redirect to admin panel in popup test
Fixed – Prevent redirect the wp-admin to new login when wp-admin path is hidden
Fixed – Prevent blocking login page on password protection page when the login path is set by another plugin
5.1.02 (30 Apr 2024)
Update – Security Check verifies the firewall against SQL & Script injection and weak usernames
Update – Font-sizes and layouts
Update – Add support to MyList theme
Update – 7g & 8G firewall to match more WP actions and compatibility with more plugins
5.1.01 (10 Apr 2024)
Update – Added the 8G Firewall filter
Update – Added the required header security for Apache and Nginx
Update – Added the option to block the theme detectors
Update – Added the option to block theme detectors crawlers by IP & agent
Update – Added the option to simulate CMSs like Drupal & Joomla
Update – Added the option on Apache to insert the firewall rules into .htaccess
Fixed – Load Firewall on all server types only in frontend to avoid functionality issues in backend
Fixed – Avoid loading recaptcha on Password reset link
Fixed – Screen 120dpi display layout
Fixed – Hide reCaptcha secret key in Settings
5.0.29 (19 Mar 2024)
Update – Compatibility with WP 6.5
Update – Compatibility with CloudPanel & Nginx servers
Update – Compatibility with WordFence scanning
Fixed – Hide rest_route only for visitors to avoid errors with builders
5.0.28 (14 Feb 2024)
Compatibility with PHP 8.3 and WP 6.4.3
Update – Compatibility with Hostinger
Update – Compatibility with InstaWP
Update – Compatibility with Solid Security Plugin (ex Solid Security)
Update – Added the option to block the API call by rest_route param
Update – Added new detectors in the option to block the Theme Detectors
Update – Security Check for valid WP paths
Fixed – Don’t load shortcode recapcha for logged users
Fixed – Rewrite rules for the custom wp-login path on Cloud Panel and Nginx servers
Fixed – Issue on change paths when WP Multisite with Subcategories
Fixed – Hide rest_route param when Rest API directory is changed
Fixed – Multilanguage support plugins
Fixed – Small bugs & typos
5.0.27 (18 Oct 2023)
- Update – Compatibility with WP 6.4.1 & PHP 8.3
- Update – Option to create a random suffix number instead of the version number to prevent caching on static files in admin
- Fixed – Default redirect URL in Tweaks > Redirects
- Actualización: Compatibilidad con MainWP Server-Client
- Actualización: Compatibilidad con el plugin WPML
- Update – Hide rest_route param when Rest API directory is changed
- Fixed – URL query args sanitization when the rewrite rules are not added correctly in config file
- Fixed – Specify the jQuery on Disable Click feature
- Update – Compatibility with Hostinger
- Update – Compatibility with InstaWP
- Update – Add shortcode on BruteForce [hmwp_bruteforce] for any login form
- Fixed – Small Bugs
5.0.26 (28 Aug 2023)
- Fixed – Brute Force Math Recaptcha security
- Fixed – Compatibility with themes without Brute Force Math Recaptcha
5.0.25 (23 Aug 2023)
- Corregido – Cambio de rutas en el feed de logos y enlaces
- Corregido – Informe de comprobación de seguridad
- Corregido – Mejorada la seguridad en el acceso
- Fixed – Typos & Bugs
5.0.24 (03 July 2023)
- Update – Frontend Test to check and show the not found links
- Update – Add compatibility with 2FA and Two-Factor plugins for two factor authentication
- Update – Add Compatibility with FlyingPress & WPFrontendAdmin
- Update – WP functions and notifications for PHP 8.2 compatibility
- Update – Add new key combinations in HMWP disable inspect element and view source
- Fixed – Prevent login redirect when the prevent slowing website is activated
5.0.23 (29 May 2023)
- Update – Add the option to connect to the custom login path from Cloud
- Update – Compatibility with WP 6.2.2
- Fixed – Typos and small bugs
5.0.22 (16 May 2023)
- Actualización: Añadida compatibilidad con servidores de Cloud Panel
- Update – Add compatibility for CMP Coming Soon & Maintenance Plugin by NiteoThemes plugin
- Update – Add the option to select the server type if it’s not detected by the server
- Update – Add the option to add the rules between the WordPress rewrite rules on Apache/Litespeed servers
- Actualización: Compatibilidad con Siteground
- Update – Compatibility with Avada when cache plugins are enabled
- Fixed – Remove the rewrites from WordPress section when the plugin is deactivated
- Fixed – User roles names display on Tweaks
- Fixed – Combined the Plugin Loading Hook into one option
5.0.20 (03 May 2023)
- Update – File processing when the rules are not set correctly
- Update – Security headers default values
- Fixed – Compatibilities with the last versions of other plugins
- Fixed – Reduce resource usage on 404 pages
5.0.19 (23 Apr 2023)
- Update – Brute Force protection on lost password form
- Update – Brute Force protection on Woocommerce (login, signup, lost passowrd)
- Update – Compatibility with MemberPress plugin
- Fixed – My account link on multisite option
- Fixed – Settings to verify the array values on settings saving process
- Fixed – Small Bugs
= 5.0.18 (03 Mar 2023)=
* Update – Compatibility with WP 6.2
* Update – Compatibility with more plugins and themes
* Update – Security check when wp-content is customized
* Update – File handle for login, signup, logout
* Update – Compatibility with PHP 8.2
* Update – Remove the atom+xml meta from header
* Update – Remove the noredirect param if the redirect is fixed
* Update – Check the XML and TXT URI by REQUEST_URI to make sure the Sitemap and Robots URLs are identified
* Update – Check the rewrite rules on WordPress Automatic updates too
* Update – Add the option to disable HMWP Ghost custom paths for the whitelisted IPs
* Update – Save all section on backup restore
* Update – Add the option to remove the sitemap style as a separate option from changing the paths in Sitemap.
= 5.0.17 (19 Dec 2022)=
* Update – Compatibility with WP 6.1
* Update – Remove the noredirect param if the redirect is fixed
* Update – Update the verification of the XML and TXT URI
* Update – Get the correct login URL when backend URL is different from frontend URL
* Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
* Fixed – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
* Fixed – White screen on iphone > safari when disable inspect element option is on
* Fixed – To remove the version from URL even if the ‘ver’ param doesn’t have any value
* Fixed – Typo in Security Check
= 5.0.16 (21 Oct 2022)=
* Update – Add the Brute Force protection on Register Form to prevent account spam
* Update – Add the Whitelabel IP option in Security Level and allow the Whitelabel IP addresses to pass login recaptcha and hidden URLs
* Update – Added the option to prioritize the loading of HMWP Ghost plugin for more compatibility with other plugins
* Update – Compatibility with LiteSpeed servers and last version of WordPress
* Update – Compatibility with Breakdance plugin
* Update – Compatibility with Nicepage Builder plugin
* Update – Compatibility with WP 6.0.2
* Fixed – Allow self access to hidden paths to avoid cron errors on backup/migration plugins
* Fixed – Remove the get_site_icon_url hook to avoid any issue on the login page with other themes
* Fixed – Compatibility with ShortPixel webp extension when Feed Security is enabled
* Fixed – Fixed the ltrim of null error on PHP 8.1 for site_url() path
= 5.0.15 (06 Sept 2022)=
* Fixed – URL Mapping for Nginx servers to prevent 404 pages
* Fixed – PHP error in Security Check when the X-Powered-By header is not string
* Fixed – Compatibility with Wp-Rocket last version
* Fixed – Brute force math issue on woocommerce login when third party woocommerce logins
* Fixed – Not to hide the image on login page when no custom image is set in Appearance > Customize > Site Logo
* Fixed – Compatibility with ShortPixel webp extension when Feed Security is enabled
* Update – Compatibility with Nicepage Builder plugin
* Update – Compatibility with WP 6.0.2
= 5.0.14 (17 June 2022)=
* Update – Compatibility with Coming Soon & Maintenance Mode PRO
* Update – Compatibility with WordPress 6.0
* Update – Add the option to automatically redirect to admin when access the login page and the user is logged
* Fixed – Avoid showing 404 error on Litespeed WP Multisite when a new site is created
* Fixed – Avoid showing 404 error on Litespeed WP Multisite when a new taxonomy is created
* Fixed – Brute force math security when the math field is deleted
* Fixed the hidden URLs process
= 5.0.13 (03 May 2022)=
* Update – Compatibility with WordPress 5.9.3
* Update – Compatibility with BackUpWordPress plugin
* Update – Compatibility with Themify theme
* Fixed – Added the URI in the redirected URL
* Fixed – Compatibility with LiteSpeed cache plugin
= 5.0.12 (08 Mar 2022)=
* Update – Added compatibility with Backup Guard Plugin
* Update – Prevent affecting the cron processes on Wordfence & changing the paths during the cron process
* Update – Change the WP-Rocket cache files on all subsites for WP Multisite
* Update – Automatically add the CDN URL if WP_CONTENT_URL is set as a different domain
* Update – Compatibility with WordPress 5.9.1
* Fixed – Change Paths for Logged Users issue
* Fixed – Show the feature icon in the feature list
* Fixed – Show all the rewrite paths for WpEngine with PHP >7.4
* Fixed – Frontend test when the plugins paths are not changed
= 5.0.11 (22 Feb 2022)=
* Update – Added 7G Firewall option in Hide My WP > Change Paths > Firewall & Headers > Firewall Against Script Injection
* Update – Fixed the menu hidden issue when other security plugins are active
* Update – Compatibility with Login/Signup Popup plugin when Brute Force Google reCaptcha is activated
* Update – Compatibility with Buy Me A Coffee plugin
* Fixed – Library loading ID in HMWP Ghost
= 5.0.10 (17 Feb 2022)=
* Update – Added new option in Login Security: Hide the language switcher option on the login page
* Update – Added the option to reset all settings to default
* Update – Added the Ctrl + Shift + C restriction when Inspect Element option is active
* Update – Added the features text for translation
* Update – Added Firewall & Headers option
* Update – Added the option to ignore the notifications and avoid repeating alerts
* Update – Added the option to disable Right-Click for logged users and user roles
* Update – Added the option to disable Inspect Element for logged users and user roles
* Update – Added the option to disable View Source for logged users and user roles
* Update – Added the option to disable Copy/Paste for logged users and user roles
* Update – Added the option to disable Drag/Drop for logged users and user roles
* Update – Add the option to hide the wp-admin path for non-admin users
* Update – Compatibility with Namecheap hosting
* Update – Compatibility with Ploi.io
* Update – Compatibility with WordPress 5.9
* Update – Compatibility with Coming Soon & Maintenance Mode PRO
* Update – Compatibility with Advanced Access Manager (AAM) plugin
* Update – Compatibility with WPS Hide Login
* Update – Compatibility with JobCareer theme
* Update – Compatibility with Wordfence Security Scan when the wp-admin is hidden
* Update – Compatibility with the Temporary Login Without Password plugin to work with the passwordless connection on custom admin
* Update – Compatibility with the LoginPress plugin to work with the passwordless connection on custom admin
* Update – Compatibility with WordPress Sitemap, Rank Math SEO, SEOPress, XML Sitemaps to hide the paths and style on Nginx servers
* Update – Compatibility with Nitropack
* Update – Compatibility with OptimizePress Dashboard
* Update – Compatibility with Bricks Builder
* Update – Compatibility with Zion Builder
* Update – Compatibility with MainWP
* Update – Compatibility with Limit Login Attempts Reloaded
* Update – Compatibility with Loginizer
* Update – Compatibility with Shield Security
* Update – Compatibility with iThemes Security
* Update – Compatibility with Smush plugin
* Update – Compatibility with Wordfence 2FA when reCaptcha is active
* Update – Added compatibility with JCH Optimize 3 plugin
* Update – Added compatibility with Oxygen 3.8 plugin
* Update – Added compatibility with WP Bakery plugin
* Update – Added compatibility with Bunny CDN plugin
* Update – Update compatibility with Manage WP plugin
* Update – Update compatibility with the Autoptimize plugin
* Update – Update compatibility with Breeze plugin
* Update – Update compatibility with Cache Enabler plugin
* Update – Update compatibility with CDN Enabler plugin
* Update – Update compatibility with Comet Cache plugin
* Update – Update compatibility with the Hummingbird plugin
* Update – Update compatibility with Hyper Cache plugin
* Update – Update compatibility with the Litespeed Cache plugin
* Update – Update compatibility with the Power Cache plugin
* Update – Update compatibility with the W3 Total Cache plugin
* Update – Update compatibility with WP Fastest Cache plugin
* Update – Update compatibility with the iThemes plugin
* Update – Added compatibility with Hummingbird Performance plugin
* Update – Advanced Text Mapping to work with Page Builders in admin
* Update – Changing the paths in sitemap.xml and robots.txt to work with all SEO plugins
* Update – Translate the plugin into more languages
* Update – Select the cache directory if there is a custom cache directory set in the cache plugin
* Update – Show the change in cache files option for more cache plugins
* Update – Removed the WordPress title tag from login/register pages
* Fix – Brute Force blocking Wordfence Cron Job
* Fix – Infinite loop when POST action on unknown paths
* Fix – Remove the login URL from the logo on the custom login page
* Fix – Set Filesystem to direct connection for file management
* Fix – Don’t show the rewrite alert messages if nothing was changed in HMWP
= 4.1.11 (24 Ian 2022)=
* Update – Compatibility with WordPress 5.9
* Fix compatibility with other plugins
= 4.1.10 (24 Nov 2021)=
* Update – Compatibility with WordPress 5.8.2
* Update – Remove the style in Sitemap XML for Nginx Servers
* Update – Compatibility with Zion Builder
* Update – Compatibility with Bricks builder
* Fix – Don’t load the paths while in Theme Customization
= 4.1.09 (08 Sept 2021)=
* Update – Compatibility with WordPress 5.8
* Update – Website information https://hidemywpghost.com
* Update – Set website logo on login page when option Hide My WP > Advanced > Clean Login is set
* Update – Set change paths to work with different domain ports
* Update – Compatibility with MainWP
* Update – Compatibility with Limit Login Attempts Reloaded
* Update – Compatibility with Loginizer
* Update – Compatibility with Shield Security
* Update – Compatibility with Solid Security
* Update – Added compatibility with JCH Optimize 3 plugin
* Update – Added compatibility with Oxygen 3.8 plugin
* Update – Added compatibility with WP Bakery plugin
* Update – Added compatibility with Bunny CDN plugin
* Update – Update compatibility with Manage WP plugin
* Update – Update compatibility with Autoptimize plugin
* Update – Update compatibility with Breeze plugin
* Update – Update compatibility with Cache Enabler plugin
* Update – Update compatibility with CDN Enabler plugin
* Update – Update compatibility with Comet Cache plugin
* Update – Update compatibility with Hummingbird plugin
* Update – Update compatibility with Hyper Cache plugin
* Update – Update compatibility with Litespeed Cache plugin
* Update – Update compatibility with Power Cache plugin
* Update – Update compatibility with W3 Total Cache plugin
* Update – Update compatibility with WP Fastest Cache plugin
* Update – Update compatibility with Solid plugin
* Fix – Password strength error on custom login reset password
* Fix – Remove only the wordpress prefetch from source code and not other domains
* Fix – Plugin uninstall issue because of missing contact HMW_VERSION
= 4.1.08 (18 June 2021)=
* Fix – Update the jetPack tracking script
* Fix – Show plugin settings calling the plugin to hook correctly
* Fix – Warning: Constants may only evaluate scalar values in hide-my-wp/config/config.php on line 107
* Fix – Removed the memory limit verification
* Fix – Add a warning for memory under 64MB
* Fix – Fixed the <?PHP warning in Permalinks at the end of the file
= 4.1.07 (19 May 2021)=
* Update – Compatibility with WordPress 5.7.2
* Update – Added compatibility with Oxygen Builder
* Update – Added compatibility with Thrive Architect Builder
* Update – Added compatibility with Gravity
= 4.1.06 (26 April 2021)=
* Update – Added compatibility with builders Oxygen, Elementor, Thrive, Bricks
* Update – Added extra security in the backend
* Update – Added the option to prevent WordPress redirects and slow the website speed when the config rules are not loading
* Fix – Brute Force warning when blocks the IP in function get_blocked_ips
* Fix – Changed the form submission action read due to config.json file permission on some servers
4.1.05 (15 Feb 2021)
- Update – Update Security for the last updates and WP requirements
- Update – Optimize JS library from third-party plugins
- Update – Let Hide My WP Settings load if the Permalink Structure is /?p=123
- Update – Added 403 Error Code option for the wp-admin and wp-login.php redirects
- Fixed – Compatibility with PHP 8.0 with deprecated functions
- Fixed – Compatibility with the Flywheel hosting server and custom Nginx config location
- Fixed – Hide My WP > Security Check UI
- Fixed – Filesystem error when the library is not correctly loaded
- Fixed – Change paths in Login page when Late Loading is active
- Fixed – Change the WordPress login logo when Clean Login Page is active
- Fixed – Compatibility with WordPress 5.7
4.1.04 (23 Ian 2021)
- Update – Added compatibility for AppThemes Confirm Email
- Update – Compatibility with PPress plugin on Login Page and Logout Page
- Update – Compatibility with SiteGround Cache plugin
- Update – Compatibility warning with W3 Total Cache Lazy Load
- Update – Security Check to hide readme.html, license.txt, and other common files
4.1.03 (11 Dec 2020)
- Update – The rules update on adding a new plugin or theme
- Update – Added compatibility for AppThemes Confirm Email
- Fixed – Rollback the settings when pressing the Abort button
- Fixed – Fixed Backup/Restore rules flash
- Fixed – Add the correct text direction for WPML while in Posts and Pages
- Fixed – Compatibility with WordPress 5.6
4.1.02 (11 Oct 2020 )
- Update – Compatibility with Manage WP plugin
- Update – Added the option to disable the REST API wp-json in Hide My WP – Permalinks
- Update – Add the plugin as Must Use plugin for better security and compatibility with other plugins
- Update – Compatibility with Really Simple SSL plugin
- Update – New UX for better understanding of the redirects in Hide My WP > Tweaks
- Update – Compatibility with WPML when setting custom wp-admin and admin-ajax
- Update – Compatibility with WPML when RTL languages are set in the dashboard
- Update – Compatibility with bbPress plugin
- Update – Compatibility with JetPack plugin
- Update – Compatibility with Newspaper theme on XMLWPC.php access
- Update – Added Compatibility with WP 5.5.3
4.1.01 (26 Oct 2020 )
- Update – Extra caching in .htaccess when «Optimize CSS and JS Files» is activated
- Update – Do not cache if already cached by WP-Rocket or WP Fastest Cache
- Update – Added Login and Logout redirects for each user role
- Update – New UX for better understanding of the redirects
- Fix – 404 error on Nxing server when updating the settings
4.0.12 (01 Oct 2020 )
- Update – Added compatibility with Pro Theme by Themeco
- Update – Added compatibility with Smush PRO by WPMU DEV
- Update – Added compatibility for WP Client plugin by WP-Client.com
- Update – Header removals for theme detectors
4.0.11 (03 Sept 2020 )
- Update – Remove version parameter from CSS and JS URLs containing the plus sign
- Update – Added {rand} in Text Mapping to show random string on change
- Update – Added {blank} in Text Mapping to show an empty string on change
- Update – Compatibility with last version WP Fastest Cache plugin
- Fix – Added a fix for noredirect param on infinite loops
- Fix – Load the 404 not found files correctly
4.0.10 (31 Aug 2020 )
- Fixed some errors caused by the last version
- Fix – Saving options in Mapping, Tweaks, and Advanced when followed by Permalinks Changing abort
4.0.09 (27 Aug 2020 )
- Update – Added the version hook to remove the versions from CSS and JS
- Update – Load the login on WPEngine server with PHP7.4 when the login is set as /login
- Update – Detect Flywheel server and add the rules accordingly
- Update – Compatibility with Solid Security on custom login
4.0.08 (13 Aug 2020 )
- Update – WordPress Security Updates for WP 5.5
- Update – Compatibility with WPML
- Update – Compatibility with the last versions of the popular plugins
4.0.07 (06 Aug 2020 )
- Update – Added the option to hide /login and /wp-login individually
- Update – Added the option to redirect to a custom URL on logout
- Small Bugs Fix
4.0.06 (09 July 2020 )
- Update – Compatibility with WPEngine + PHP 7
- Update – Compatibility with Absolutely Glamorous Custom Admin plugin
- Update – Compatibility with Admin Menu Editor Pro plugin
- Fix – Small CSS & Warning issues
4.0.05 (30 June 2020 )
- Update – Compatibility with WPEngine with PHP 7.4
- Update – Compatibility with the cache plugins (tested the latest versions)
- Update – The Security Check report task
- Update – Plugin security on Security Check
- Update – The plugins list in Hide My WP
- Fixed – Removed the map URL from bootstrap CSS and JS
- Fixed – CSS in Hide My WP Settings
4.0.04 (16 June 2020 )
- Update – Added HMW_RULES_IN_CONFIG and HMW_RULES_IN_WP_RULES to control the rules in the config file
- HMW_RULES_IN_CONFIG will add the rules at the top of the config file (default true)
- HMW_RULES_IN_WP_RULES will add the rules in the WordPress config area (default true)
- Update – Change the rewrite hook to make sure the rules are added in the WordPress rewrites before flushing them
- Update – Compatibility with Solid Security plugin
4.0.03 (04 June 2020)
- Update – RTL Support
- Update – Brute Force Protection Filter
- Update – Compatibility with more cache plugins like Hummingbird and Cachify
- Update – Alert when the rewrites are not added correctly in the config file
- Update – WordPress Security Updates for WP 5.4.1
- Fixed – Small CSS fixes
4.0.02 (04 May 2020)
- Fix – login redirect for nginx server
- Fix – constant warning NONCE_KEY in confi.php
- Update – Compatibility with WordFence
4.0.01 (29 April 2020)
- Update – Show the Hide My WP menu only on Network if WP Multisite
- Update – Prevent loading the style from wp-admin in the custom login page
- Update – WPEngine 2020 rewrites compatibility
- Update – Added option to hide only the IDs and Classes in Hide My WP > Text Mapping
- Update – Added the option to remove the WordPress common paths in /robots.txt file
- Update – Added the option to remove the WordPress common paths in /sitemap.xml
- Update – Compatibility with the most popular plugins and WordPress 5.4.1
- Fix – Show 404 files in case the rewrites are not working or Allowoverride is OFF
- Fix – Detect correct HTTPS or HTTP schema for Login Preview and validation
- Fix – Save the Hide My WP rewrites when other plugins are updating the config file to prevent rewrite errors
Security:
Two-Factor Authenticator Code
2FA Security
Temporary Login without password
WordPress Security Plugin
Ocultar Mi WP – Plugin de seguridad de WordPress
Ocultar meu WP – Segurança do WordPress
Cacher mon WordPress – Plugin de sécurité WordPress
Verstecken Sie mein WordPress – WordPress Sicherheits-Plugin
Hide My WP – WordPress Security Plugin
Hide WordPress
Security Plugin
Hide My WP free download
Hide wp-login URL