Descripción

WP-Hide has launched the easiest way to completely hide your WordPress core files, login page, theme and plugins paths from being shown on front side. This is a huge improvement over Site Security, since no one will know whether you are running or not a WordPress. It also provides a simple way to clean up html by removing all WordPress fingerprints.

No file and directory change!
No file and directory will be changed anywhere. Everything is processed virtually. The plugin code uses URL rewrite techniques and WordPress filters to apply all internal functionality and features. Everything is done automatically without user intervention required at all.

Real hide of WordPress core files and plugins
The plugin not only allows you to change default URLs of you WordPress, but it also hides/blocks such defaults. Other similar plugins, just change the slugs, but the defaults are still accessible, obviously revealing WordPress as CMS.

You can change the default WordPress login URL from wp-admin and wp-login.php to something totally arbitrary. No one will ever know where to try to guess a login and hack into your site. It becomes totally invisible.

La documentación completa del plugin está disponible en WordPress Hide and Security Enhancer – Documentación

When testing with WordPress theme and plugins detector services/sites, any setting change may not reflect right away on their reports, since they use cache. So, you may want to check again later, or try a different inner URL. Homepage URL usage is not mandatory.

Being the best content management system, widely used, WordPress is susceptible to a large range of hacking attacks including brute-force, SQL injections, XSS, XSRF etc. Despite the fact the WordPress core is a very secure code maintained by a team of professional enthusiast, the additional plugins and themes make ita vulnerable spot for every website. In many cases, those are created by pseudo-developers who do not follow the best coding practices or simply do not own the experience to create a secure plugin.
Statistics reveal that every day new vulnerabilities are discovered, many affecting hundreds of thousands of WordPress websites.
Over 99,9% of hacked WordPress websites are target of automated malware scripts, which search for certain WordPress fingerprints. This plugin hides or replaces those traces, making the hacking boots attacks useless.

It works well with custom WordPress directory structures,e.g. custom plugins, themes, and upload folders.

Once configured, you need to clear server cache data and/or any cache plugins (e.g. W3 Cache), for a new html data to be created. If you use CDN this should be cache clear as well.

Ejemplo de uso

Funcionalidad principal del plugin:

Customizes Admin URL
Blocks default admin URL
Blocks any direct folder access to completely hide the structure
Customize wp-login.php filename
Blocks default wp-login.php
Blocks default wp-signup.php
Blocks XML-RPC API
Creates New XML-RPC paths
Adjusts theme URL
Creates New child Theme URL
Changes theme style file name
Cleans any headers for theme style file
Customizes wp-include
Blocks default wp-include paths
Blocks default wp-content
Customizes plugins URL
Changes Individual plugin URL
Blocks default plugins paths
Creates New upload URL
Blocks default upload URL
Removes WordPress version
Blocks Meta Generator
Disables the emoji and required javascript code
Removes pingback tag
Removes wlwmanifest Meta
Removes rsd_link Meta
Removes wpemoji
Minifies Html, Css, JavaScript
Security Headers

y mucho más.

No other plugin functionality will be blocked or interfered in any way by WP-Hide

This plugin allows to change the default Admin URL from wp-login.php and wp-admin to something else. All original links turn the default theme to “404 Not Found” page, as if nothing exists there. Besides the huge security advantage, the WP-Hide plugin saves lots of server processing time by reducing php code and MySQL usage since brute-force attacks target the weakURL.

Important: Compared to all other similar plugins which mainly use redirects, this plugin turns a default theme to“404 error” page for all blocked URL functionalities, without revealing the link existence at all.

Since version 1.2, WP-Hide change individual plugin URLs and made them unrecognizable. For example,the change of the default WooCommerce plugin URL and its dependencies from domain.com/wp-content/plugins/woocommerce/ into domain.com/ecommerce/cdn/ or anything customized.

Secciones de los plugins

**Hide -> Scan

Exhaustive system security examination with analysis and improvements guidance and fixes

Hide -> Rewrite > Theme

New Theme Path – Changes default theme path
New Style File Path – Changes default style file name and path
Remove description header from Style file – Replaces any WordPress metadata information (like theme name, version etc.,) from style file
Child – New Theme Path – Changes default child theme path
Child – New Style File Path – Changes child theme style-sheet file path and name
Child – Remove description header from Style file – Replaces any WordPress metadata information (like theme name, version etc.,) from style file

Hide -> Rewrite > WP includes

New Include Path – Changes default wp-include path/URL
Block wp-include URL – Blocks default wp-include URL

Hide -> Rewrite > WP content

New Content Path – Change default wp-content path/URL
Block wp-content URL – Blocks the default content URL

Hide -> Rewrite > Plugins

New Plugin Path – Changes default wp-content/plugins path/URL
Block plugin URL – Blocks default wp-content/plugins URL
New path / URL for Every Active Plugin
Customize path and name for any active plugins

Hide -> Rewrite > Uploads

New Upload Path – Changes default media files path/URL
Block upload URL – Blocks default media files URL

Hide -> Rewrite > Comments

Nueva ruta wp-comments-post.php
Bloquear wp-comments-post.php

Hide -> Rewrite > Author

Nueva ruta de autor
Bloquear ruta por defecto

Hide -> Rewrite > Search

Nueva ruta de búsqueda
Bloquear ruta por defecto

Hide -> Rewrite > XML-RPC

New XML-RPC Path – Changes default XML-RPC path / URL
Block default xmlrpc.php – Blocks default XML-RPC URL
Disable XML-RPC authentication – Filters whether XML-RPC methods require authentication
Remove pingback – Removes pingback link tag from theme

Hide -> Rewrite > JSON REST

Limpiar la respuesta de la API REST
Disable JSON REST V1 service – Disables an API service for WordPress which is active by default
Disable JSON REST V2 service – Disables an API service for WordPress which is active by default
Block any JSON REST calls – Any call for JSON REST API service will be blocked
Disable output the REST API link tag into page header
Disable JSON REST WP RSD endpoint from XML-RPC responses
Disable Sends a Link header for the REST API

Hide -> Rewrite > Root Files

Block license.txt – Blocks access to license.txt root file
Block readme.html – Blocks access to readme.html root file
Block wp-activate.php – Blocks access to wp-activate.php file
Block wp-cron.php – Blocks outside access to wp-cron.php file
Block wp-signup.php – Blocks default wp-signup.php file
Block other wp-*.php files – Blocks other wp-.php files within WordPress Root

Hide -> Rewrite > URL Slash

URL’s add Slash – Add a slash to any links without it. This disguisesthe existence of a file, folder or a wrong URL, which will all be slashed.

Hide -> General / Html > Meta

Remove WordPress Generator Meta
Remove Other Generator Meta
Remove Shortlink Meta
Quitar DNS Prefetch
Remove Resource Hints
Eliminar el meta wlwmanifest
Remove feed_links Meta
Disable output the REST API link tag into page header
Eliminar el meta rsd_link
Remove adjacent_posts_rel Meta
Quitar enlace de perfil
Quitar enlace canónico

Hide -> General / Emulate CMS

Emular un CMS

Hide -> General / Html > Admin Bar

Quitar la barra de administración de WordPress de perfiles de usuario especificados

Hide -> General / Feed

Quitar enlaces feed|rdf|rss|rss2|atom

Hide -> General / Robots.txt

Disable admin URL within Robots.txt

Hide -> General / Html > Emoji

Desactivar Emoji
Desactivar Emoji TinyMC

Hide -> General / Html > Styles

Quitar versión
Remove ID from link tags

Hide -> General / Html > Scripts

Quitar versión

Hide -> General / Html > Oembed

Remove Oembed

Hide -> General / Html > Headers

Quitar el enlace de la cabecera
Quitar X-Powered-By de la Cabecera
Remove Server Header
Remove X-Pingback Header

Hide -> General / Html > HTML

Quitar comentarios HTML
Minify Html, CSS, JavaScript
Remove general classes from body tag
Remove ID from Menu items
Remove class from Menu items
Remove general classes from post
Remove general classes from images

Hide -> General / Html > User Interactions
* Disable Mouse right click
* Disable Text Selection
* Disable Copy / Paste
* Disable Print
* Disable Print Screen
* Disable Developer Tools
* Disable View Source
* Disable Drag / Drop

Hide -> Admin > wp-login.php

New wp-login.php – Maps a new wp-login.php instead of the default one
Block default wp-login.php – Blocks default wp-login.php file from being accessible

Hide -> Admin > Admin URL

New Admin URL – Creates a new admin URL instead of the default ”/wp-admin”. This also applies for admin-ajax.php calls
Block default Admin Url – Blocks default admin URL and files from being accessible

Settings -> CDN

CDN Url – Sets-up CDN if applied. Some providers replace site assets with custom URLs.

Security -> Headers
HTTP Response Headers are a powerful tool to Harden Your Website Security.
* Cross-Origin-Embedder-Policy (COEP)
* Cross-Origin-Opener-Policy (COOP)
* Cross-Origin-Resource-Policy (CORP)
* Referrer-Policy
* X-Content-Type-Options
* X-Download-Options
* X-Frame-Options (XFO)
* X-Permitted-Cross-Domain-Policies
* X-XSS-Protection

This free version works with Apache and IIS server types. For all server types, check with WP Hide PRO

This is a basic version that can hide everything for basic sites, example https://demo.wp-hide.com/. When using complex plugins and themes, the WP Hide PRO may be required. We provide free assistance to hide everything on your site, along with the commercial product.

Anything wrong with this plugin on your site? Just use the forum or get in touch with us at Contact and we’ll check it out.

Puedes encontrar una web de ejemplo en https://demo.wp-hide.com/ o nuestra web WP Hide and Security Enhancer

Página de inicio del plugin en WordPress Hide and Security Enhancer

Este plugin está desarrollado por Nsp-Code

Adaptación local

Por favor, ayuda y traduce este plugin a tu idioma en https://translate.wordpress.org/projects/wp-plugins/wp-hide-security-enhancer

You are kindly asked to promote this plugin if it comes up to your expectations via an article on your site or any other place. If you liked this code/WP-Hide or if it helped with your project, why not leave a 5 star review on this board.

Capturas

Admin Interface.
Sample front html code.

Instalación

Install the plugin through the WordPress plugins interface or upload the package to /wp-content/plugins/wp-hide-security-enhancer directory.
Activate the plugin through the ‘Plugins’ screen in WordPress.
Use the WP Hide menu screen to configure the plugin.

FAQ

No dudes en ponerte en contacto con nosotros en contact@wp-hide.com para obtener un soporte rápido.

Does the plugin change anything on my server?

Absolutely Nothing!
No files and directories will be changed on your server, since everything is processed virtually. The plugin code use URL rewrite techniques and WordPress filters to apply all internal functionalities and features.

Since I have no PHP knowledge at all, is this plugin for me?

There is no requirement for php knowledge. All plugin features and functionalities are applied automatically, controlled through a descriptive admin interface.

¿Hay alguna demo que pueda comprobar?

A demo instance can be found at https://demo.wp-hide.com/ or our own website WP Hide and Security Enhancer

Can I use the plugin on my Nginx server?

If the server runs full-stack Nginx, the free plugin can’t generate the required format Nginx rewrite rules. It works with Apache, LiteSpeed, IIS, Nginx as a reverse proxy and compatible.

¿Aún puedo actualizar WordPress, mis plugins y temas?

Todo funciona como antes, no se ha roto ninguna funcionalidad. Puedes ejecutar las actualizaciones en cualquier momento.

Does the plugin affect the SEO aspects of my website?

No, the plugin changes only asset links (CSS, JavaScript, media files),but not actual content URLs. There will be no negative impact from SEO perspective, whatsoever.

Does the plugin work with my site cache?

Yes, the plugin works with any cache plugin deployed on your site.

What are HTTP Security Headers?

HTTP Response Headers are a powerful tool to Harden Your Website Security. The plugin provides an easy way to add Security Response Headers through a graphical interface. No additional codding and file editing is necessary.

What servers this plugin can work with?

This free code/WP-Hide can work with Apache, IIS server types and any other set-up which rely on .htaccess usage.
For all other cases, check the PRO version at WP Hide PRO

How to make it work with my OpenLiteSpeed server?

There are few things to consider when you run on litespeed servers:

Ensure the liteserveractually processes the .htaccess file, where the rewrite data is being saved. Check with the following topic regarding this issue Post
If you use Litespeed Cache plugin, in the Optimization Settings area, disable the CSS / JS Minify
If your litespeed server requires to place the rewrite lines in a different file,e.g. config file or interface, consider upgrading to PRO version which includes a Setup page where you can get the rewrite code WP Hide PRO.

How to use on my Bitnami setup?

As default, on Bitnami LAMP set-ups, the system will not process the .htaccess file, so none of the rewrites will work. You can change this behavior by updating the main config file located at /opt/bitnami/apps/APPNAME/conf/httpd-app.conf , update the line

AllowOverride None

AllowOverride All

Restart the Apache service through SSH

sudo /opt/bitnami/ctlscript.sh restart

More details can be found at Bitnami Default .Htaccess

You can still keep the configuration as it is using the WP Hide PRO, more details at Setup the plugin on Bitnami WordPress LAMP stack

.htaccess file writing error – Unable to write custom rules to your .htaccess. Is this file writable?

I’m seeing this error “Unable to write custom rules to your .htaccess. Is this file writable”? What does it mean?
The error appears when the plugin is not able to write to .htaccess file located in your WordPress root directory. You can try the followings to make a fix:

Check if your .htaccess file is writable. This can be different from server to server, but usually require rw-rw-r– / 0664. Also ensure the file owner is the same group as php.
Sometimes the other codes wrongly use the flush_rules() which hijack the default filters for rewrite. Try to disable the other plugins and theme to figure out which ones produce the issue.
De-activate and RE-activate the plugin, apparently worked for some users.
Create a backup of .htaccess, then delete it from the server. Go to Settings > Permalinks > update once, this should create the file again on the WordPress root. If so, try to change any WP Hide options which will update the .htaccess content accordingly.

Algo no va bien, ¿qué puedo hacer? ¿Cómo puedo recuperar mi sitio?

There will be no harm.
Go to admin and change some of the plugin options to see which one causes the problem. Then report it to the forum or get in touch with us to fix it.
If you can’t log in to admin, use the Recovery Link which has been sent to your e-mail. This will reset the login to default.
If you can’t find the recovery link or none of the above worked, delete the plugin from your wp-content/plugins directory. Then remove any lines in your .htaccess file between:
BEGIN WP Hide & Security Enhancer
..
END WP Hide & Security Enhancer
At this point, the site should run as before. If for some reason still not working, you missed something, please get in touch with us at contact@wp-hide.com and we’ll fix it for you in no time!

How to use the Recovery Link?

The Recovery Link can be used to reset all plugin options and restore the site to the default state.
The link should be entered into the browser URL bar. After the operation is completed, a system message will show “The plugin options have been reset successfully”.
If the message does not show, there is a cache on your site that prevents the code to run. Locate your cache data, usually at /wp-content/cache/ and remove the files. Then re-load the recovery link.

What to do if I can’t find a functionality that I’m looking for?

Please get in touch with us and we’ll do our best to include it inthe next version.

Reseñas

kullussteve 29 de mayo de 2023

Great plugin and rapid support!

israelpelayo 13 de mayo de 2023

This is a must-have plugin pro for all websites made with Wordpress. Given the nature of the functions, it is a bit complex to configure, but fortunately, they have their own recommendation scanning tool, which gives very timely guidance on how configurations should be done. Congratulations team, you have done a fantastic job. On the other hand, if something slips up in the configurations, in the face of any bugs, the support team has also been phenomenal. It is incredible, but they have solved my site problems, even on the same day I sent the support request, considering the different schedules between my country and their country of residence. Thank you very much for your support.

erinkao 11 de mayo de 2023

I recently purchased this plugin to improve the security and concealment of my website. However, I ran into some issues with its setup. Thankfully, the plugin author was very responsive and helped me resolve the issue quickly. I appreciate the time and effort she put into helping me, and her guidance made a huge difference in getting my website up and running smoothly. The plugin allows me to hide my WordPress content successfully, making it more difficult for people to know that my site is powered by WordPress. This is crucial for protecting the security and privacy of my website. Lastly, I want to emphasize that the plugin's author is very responsive and provides excellent support service. This is particularly important for non-technical people like me. Overall, I highly recommend this plugin to anyone who wants to enhance website security and concealment. It is easy to install and use, packed with powerful features, and the author provides excellent support service.

djshanon 11 de mayo de 2023

i have been a customer for years & seldom do i need support. recently i did need support & wp-hide walked me through each issue until everything was perfect. thanks dan!

codefilx 4 de mayo de 2023 2 respuestas

This plugin is dangerous because it can disrupt the entire site at any moment. It may work with you for a while, but believe me, there will come a moment when your site does not work due to these changes.

IntegralBirth 20 de abril de 2023

Great plugin and great support! Thank you!

Leer todas las 255 reseñas

Colaboradores y desarrolladores

«WP Hide & Security Enhancer» es un software de código abierto. Las siguientes personas han colaborado con este plugin.

«WP Hide & Security Enhancer» ha sido traducido a 2 idiomas locales. Gracias a los traductores por sus contribuciones.

Traduce «WP Hide & Security Enhancer» a tu idioma.

¿Interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.

Registro de cambios

2.1

Relocate the plugins_themes_compatibility prior module components initialization.
Avoid looping with certain 3rd codes by caching the home url.
HTML Comments removal regex updates.
Compatibility update for qTranslate-XT plugin, when using the option redirect to language and customizing the default login url through WP Hide

2.0.6

Use regex patterns for Scan – Replacements, for better accuracy in the identification of the fingerprints proposed to be changed.
Deprecated Expect-CT.
Remove the Expect-CT from the recommended headers.

2.0.4

Suppress the option to block the Developer Tools / Inspect when page/post preview.
Add to cache clear for Autoptimize, Perfmatters, Breeze, Site Ground Cache, when flushing the caches.
Site Ground Cachepress plugin compatibility update
WordPress compatibility check for 6.2
WordPress compatibility tag update.

1.9.9

Decrease the Scan progress background AJAX update, to avoid time-outs on slow connections.
Improvement: When using the Disable Developer Tools option, check if iPhone device and disable, through JavaScript instead PHP, to avoid caching.
New Screenshot for better pre-visualization of the actual interface.
Fix: Scan Admin component, Fix button URL.

1.9.7

New Security Headers component – Referrer-Policy.
Check the post meta and option value if serialized ( double serialization ), before reversing the URLs.
Code improvements.
Updated translation PO file.

1.9.5

Replaced the deprecated Feature-Policy with Permissions-Policy security header.
Fix: Scan disable redirects when testing firewall, to ensure correct results
Fix count() error for not countable variable.
PO language file updates

1.9.3

Add additional description for potentially dangerous files found within WordPress root.
Typo fix for «Dangerous Files»
Fix: Tipsy JavaScript error
Fix: Undefined variable $site_score within render_overview()
Fix: Divided by zero when calculating the overall scan progress
Fix: Wrong remote_html variable

1.9.1

New feature – Security Scan.
Security Scan dashboard widget
Inform on possible LiteSpeed service restart if use such system.
Check if HTTP_USER_AGENT environment variable exists before making comparison.
Fix Oxigen compatibility when using the HTML Minify.
Fix: Cache Enable static call.

1.8.8

New component Headers -> Remove Server Header.
Prevent output of «document.addEventListener» unless an user-interaction option is active.
Add X-XSS-Protection into the headers list, to avoid reporting as not used as security header.
Code Improvements and clean-up.
PO language file update.

1.8.6

Ignore the «Disable Developer Tools» on iPhone
WordPress 6.1 compatibility tag
Fix: Security headers progress comparison step.
Slight css changes

1.8.5

Improved Disable Developer Tools feature, by returning an empty page.
W3 Total Cache – implements support for Push CDN and custom folders
Compatibility fix with JCH Optimize.
Ignore invalid SSL certificate when testing rewrites, to allow local instances.
Fix: static to public functions for a2-optimized compatibility class.
Fix: use preg_match to ensure the HTML data is valid and avoid faulty code with multiple head tags.
Slight text changes within some options, for better explanations.

1.8.3

New options interface – User Interactions: Disable Mouse right click, Disable Text Selection, Disable Copy / Paste, Disable Print, Disable Print Screen, Disable Developer Tools, Disable View Source, Disable Drag / Drop
Better accessibility for additional details regarding each of the options.
Improved progress score calculation for Headers.
A2 Optimized WP – compatibility fix.
WordPress 6.0.2 tag compatibility update
Fix CDN option external help page URL.

1.8.1

Improved server environment rewrite test checking routines.
Separate rewrite tests for static files and PHP files. This avoids reporting issues for servers not supporting rewrites for php-files.

1.8

Add a new button to reset the current page options.
Use regex to sanitize the URL arguments
Relocated the Reset All Settings button to the bottom of the interface.
Compatibility for Super Page Cache for Cloudflare
Slight layout improvements and changes.
WordPress 6.0.1 compatibilit tag

1.7.9.2

Change the advanced_notice class within the interfaces to avoid issues caused by 3rd theme.
Do not remove comments when json request
WordPress 6.0 compatibilit tag

1.7.8.1

When checking and calculating the the Headers protection score, ignore the SSL verification for the domain, to allow usage of invalid certificates.
Check if set headers are actually passed-through on the front side, as some servers may block that.
Set WP_ROCKET_WHITE_LABEL_FOOTPRINT to remove the footer comment for WP Rocket, when active

1.7.8

New Security Functionality – Headers. HTTP Response Headers are a powerful tool to Harden Your Website Security.
Security Headers – Cross-Origin-Embedder-Policy (COEP), Cross-Origin-Opener-Policy (COOP), Cross-Origin-Resource-Policy (CORP), X-Content-Type-Options, X-Download-Options, X-Frame-Options (XFO), X-Permitted-Cross-Domain-Policies, X-XSS-Protection.
Security Headers – Protection Level graph
Security Headers – Sample Setup
Security Headers – Recovery functionality
Styles and layout improvements
Code clean-up
Fix: Append URL arguments to login URL, if exists

1.7.6

Run on revision posts, to match URLs and revert to default WordPress ( e.g. when using Gutenberg editor )
Require a .php for the customization of the default wp-login.php to avoid cookie issues on password change area.
WooCommerce 5.9 compatibility check and tag.

1.7.3

Fix: If Emulate CMS active, ensure the buffer is an HTML content

1.7.3

New functionality, block wp-json for everyone or non-logged-in users.
Fix Emulate CMS documentation url.
Removed Twitter share.

1.7.1

Nueva característica del plugin: Emular un CMS
Update PO language file
Skip comment removal when admin dashboard.
Fix: Ignore comment removal when Gutenberg JSON call for blocks, to avoid formatting issues.

1.6.4

Ensure compatibility with PHP 8.0
Update PO language file
Update documentation URLs within the plugin interfaces, with the non-www domain wp-hide.com

1.6.3.9

Incluir la «Limpieza de la respuesta de la API REST» dentro de la configuración de ejemplo.

1.6.3.8

Nueva opción para el módulo JSON REST – «Limpiar la respuesta de la API REST»
Relocated Feed tab to Rewrite module

1.6.3.7

Output the help title only if there’s an help section available through the module settings
Fix undefined $found_issues
WordPress 5.8 compatibility tag

1.6.3.6

Add dashboard and cpanel to system reserved to avoid permalinks conflicts
LiteSpeed Cache compatibility update
WP-Optimize compatibility update

1.6.3.4

Update compatibility file for TranslatePress – Multilingual

1.6.3.3

Fix attachment_url_to_postid
Fix undefined get_metadata_raw

1.6.3.2

Confirmation page for Recovery link
Use home_url() instead site_url() for recovery links to ensure the format is correct for WordPress instances using own directory
Trigger the login URL change e-mail at shutdown instead init
Compatibility with TranslatePress – Multilingual
Fix undefined notice
Fix meta Uncaught TypeError: count(): Argument
Slight code improvements

1.6.3.1

Improved description for Test Rewrite procedure, when the server fails to provide a valid response, rewrite engine is not active or the custom urls are not allowd.
Fixed Undefined Property Notice

1.6.3

Server Environment Check to ensure there are no rewrite issues and the plugin can be safely deployed.
Interactive feedback with hints and explanations for environment issues.
Improved UI
Clear fusion cache when plugin options changed if avada active
Fix New Search Path replacement to include an end slash, to avoid catch wrong urls
Check and tag for WordPress 5.7

1.6.2.5

Fix: Add slash for «New Search Path» to avoid wrong replacements with urls containing the new search slug.

1.6.2.4

Reverse URLs when saving a options, to avoid custom urls to be writted within the database.
Check if string before making a replacement on metadata
Compatibility file for Oxigen editor, when using Signatures
Simple Firewall compatibility file update – check if FernleafSystems\Wordpress\Plugin\Shield\Controller\Controller class exists before apply

1.6.2.0.4

Update Compatibility file with Oxygen editor, for image with link wrapper
WordPress 5.6 compatibility tag update

1.6.2.0.3

Compatibility file with Oxygen editor

1.6.2.0.2

Fix: Check the replacements for update_post_metadata method on text and array types.

1.6.2

Reverse URLs when saving a meta data field, to avoid custom urls to be writted within the database.
Trigger a system notice when deployed on MultiSite, as not being compatible.
Don’t run _init_remove_html_new_lines when AJAX call to avoid front side processing errors.
WP Rocket compatibility file updates, to works with combined CSS assets
Shield Security compatibility update, to works with version 10 and up.
Prevent nottices and errors when attempt to rite on .htaccess file.
New filter wph/components/wp_oembed_add_discovery_links to allow disabling the Remove Oembed – wp_oembed_add_discovery_links
New filter wph/components/wp_oembed_add_host_js to allow disabling the Remove Oembed – wp_oembed_add_host_js
New compatibility file for wePOS plugin
New compatibility file for Asset CleanUp Pro Page Speed Booster plugin

1.6.1.3

Compatibility with Hyper Cache
Update JSON REST service disable, remove the json_enabled as being deprecated, rely on rest_authentication_errors filter
Fix WooCommerce Update Database link when changing the default /wp-admin/ slug
Fix password forget return URL
Remove callback for Compatibility file for Shield Security within new-admin module

1.6.1.1

Fix: Remove callback for Compatibility file for Shield Security within custom login module

1.6.1

Compatibility file fix for Shield Security
Etiqueta de compatibilidad con WordPress 5.5.1

1.6.0.9.1

Ignore CDN value check for domain name similitude

1.6.0.9

LiteSpeed guide on Setup interface
Nueva funcionalidad – Desactivar el clic derecho del ratón
Compatibility file – JobBoardWP
Compatibility WP-Optimize – Clean, Compress, Cache
Etiqueta de compatibilidad con WordPress 505

1.6.0.8

Avoid using domain name as replacement for any option, or might conclude to wrong replacements within the outputted HTML or wrong reversed urls.
Add system reserved words as ‘wp’, ‘admin’, ‘admin-ajax.php’
Slight General code improvements
Clean cookie for the new custom slug, if set.
Integration with WP-Optimize – Clean, Compress, Cache

1.6.0.6

WP Job Manager – compatibility update

1.6.0.5

New Setup interface with helps and hints on how to use the plugin.
New Sample Setup, which deploy a basic set-up of plugin options
Remove internal wp_mail and rely on WordPress core
Improved FAQ area
Updated base language file

1.6.0.4

Purga la caché para el plugin Fast Velocity Minify, al limpiar la caché interna
Devuelve el nuevo slug de administración al llamar a admin_url() y si la administración por defecto está personalizada
Utiliza sin protocolo al cargar los archivos, para garantizar que se carguen sobre el protocolo de dominio actual
Actualización del archivo de compatibilidad con BuddyPress
Actualización del archivo de compatibilidad con Elementor
Actualización del archivo de compatibilidad con ShortPixel Adaptive Images
Actualización del archivo de compatibilidad con WooCommerce
Actualización del archivo de compatibilidad con WP Rocket
Nuevo archivo de compatibilidad con Fast Velocity Minify
Nuevo archivo de compatibilidad con LiteSpeed Cache
Nuevo archivo de compatibilidad con Swift Performance
Nuevo archivo de compatibilidad con WP Speed of Light

1.6

Nuevo filtro wp-hide/content_urls_replacement
Compatibilidad con Ultimate Member, corregida la subida de imágenes de usuario
Compatibilidad actualizada con W3 Cache, utilizando la opción postprocessorRequire
Actualizaciones de compatibilidad con Fluentform
Emite toda la pila de errores para $wp_filesystem si existe
Corrección tipográfica en el módulo subidas

1.5.9.9

Procedimiento actualizado para la identificación del tipo de servidor
Añadido nuevo tipo de texto/plano para el contenido filtrable
Añadido server_nginx_config a la clase principal, para ser usado dentro de otros módulos
Actualización del cuantificador de reescritura para IIS de .+ to .*
Ignorado el bloque wp-content si el agente es LiteSpeed-Image

1.5.9.5

Actualizado el método is_filterable_content_type, devuelve TRUE si no encuentra la cabecera Content-Type

1.5.9.4

Corregido el protocolo del sitio de demostración de léeme

1.5.9.4

Corrección «undefined method WPH_functions::get_site_module_saved_value()» cuando el tipo de contenido es text/xml

1.5.9.3

Comprueba el tipo de contenido del búfer filtrable, antes de hacer reemplazos, para evitar cambios erróneos
Actualizar sólo las URL en el tipo de contenido XML
URL actualizada del sitio de demostración del plugin en el archivo léame
Actualización de la compatibilidad del plugin ShortPixel Image Optimizer
Aviso de un posible problema de bloqueo de Cron en ciertos servidores

1.5.9

New admin interfaces skin.
Relocated plugin assets within a different folder for better organisator.
Updated mu-loader module
Add help and hints for each options for easier understanding.
Allow same base slug to be used for individual plugins
Updated language file
Check if environment file is not available and outputs admin messages
Environment class with relocated environment json, to avoid security scanners false reports.
Cache Enabler plugin compatibility module
WoodMart theme compatibility
Compatibility module for WP Smush and WP Smush PRO plugins
Add the new filter available for WP Rocket to change css content
WebARX compatibility module update
W3 Cache module update

1.5.8.2

Ensure base slug (e.g. base_slug/slug ) is not being used for another option to prevent rewrite conflicts
Return correct home path when using own directory for WordPress and hosting account use the same slug in the path.
Relocated get_default_variables() function on a higher priority execution level, to get default system details.
Switched Yes / No options selection, to outputs first No then Yes ( more logical )

1.5.8

Add reserved option names to avoid conflicts e.g. wp
Always clear any code plugin cache when plugin update
Easy Digital Downloads compatibility
Elementor plugin compatibility
Fusion Builder plugin compatibility
Divi theme compatibility updates
WP Fastest Cache plugin compatibility updates
Check if ob_gzhandler and zlib.output_compression before using ‘ob_gzhandler’ output buffering handler

1.5.7

Autoptimize css/js cache and minify compatibility
Wp Hummingbird and WP Hummingbird PRO assets cache compatibility

1.5.6.9

Nueva funcionalidad: Quitar el enlace de la cabecera

1.5.6.8

Corrección: Llamada a un método no vákido WP_Error::has_errors()
Corrección: Se intenta borrar Opcache si no se restringe la API

1.5.6.7

Permite que los trabajos cron internos se ejecuten incluso si wp-cron.php está bloqueado.
Comprueba con wp_filesystem cualquier error y envía los mensaje,s antes de intentar escribir cualquier contenido
Provocar el vaciado de la caché del sitio en los ajustes cambiados o en la actualización del código
Pequeñas actualizaciones de css
Marca la opción de bloqueo en texto rojo para una mejor visibilidad y conocimiento del usuario

1.5.6.4

Fix: Keep double quote at the start of the replacements when doing JSON matches to avoid replacing strings for other domains
Corrección: Ejecuta el paquete de compatibilidad para «ShortPixel Adaptive Images» solo cuando el plugin esté activo

1.5.6.3

Fix: remove javascript comments produce worng replacements on specific format.

1.5.6.2

Usa el prefijo actual de tu sitio cuando quites ‘user_roles’

1.5.6

Fix BBPress menus by calling directly the wp_user_roles option ratter get_roles()
Replace comments within inline JavaScript code when Remove Comments active
Posibles avisos de conflicto de acceso al usar WebArx, WPS Hide Login
New action wp-hide/admin_notices when plugin admin notices
Return updated url when calling admin_url instead replaced when buffer outputs to ensure compatibility with specific plugins

1.5.5.9

Módulo de compatibilidad con el plugin ShortPixel Adaptive Images
Añadida compatibilidad con campos de área de texto dentro de la interfaz de opciones del plugin
Corregidas las urls de los archivos minificados al usar el plugin de caché WP Rocket

1.5.5.7

Filter remove fix

1.5.5.6

Corregida la página de inicio de sesión cuando se utiliza la caché de Wp Rocket

1.5.5.5

Corregida sustitución del escritorio de administración cuando se usa la caché de Wp Rocket

1.5.5.4

Corregida la caché de Wp Rocket cuando usas minimizar y concatenación
Nueva funcionalidad – Quitar la barra de administración de perfiles específicos
El módulo de estructura de bloques se extiende para ser compatible con ‘callback_arguments’ para pasar a través de datos adicionales a la función de procesamiento
Redirigir la url de búsqueda por defecto de una url no amigable a una personalizada

1.5.5

Nuevo componente: Reescribir autor
Nuevo componente: Reescribir buscar
Muestra el enlace de recuperación en la parte superior de la página para asegurarse de que todos puedan guardar el enlace para usarlo si algo sale mal.
Enviar código de recuperación al correo electrónico del administrador del sitio
Ajustes menores del código
Envía la nueva url de acceso al correo electrónico del administrador del sitio, para garantizar que el usuario pueda recuperar el acceso al panel de control si olvida el nuevo slug
Se eliminaron los métodos no utilizados dentro del componente WPH_module_rewrite_new_include_path

1.5.4.2

Corrección: Método no definido para el módulo de compatibilidad de WooCommerce

1.5.4.1

Allow rewrite for images within admin, as being reversed to default when saving the post

1.5.4

Reestructuración de la compatibilidad, uso de un módulo general.
Corregida compatibilidad con Shield Security wp-simple-firewall
Se elimina el filtro upload_dir ya que produce algunos problemas en un entorno específico, las posibles incompatibilidades se procesarán posteriormente en el módulo de compatibilidad General
Filtra el contenido de la publicación en la acción save_post, para revocar cualquier slug personalizada como URLs de medios, para conservar la compatibilidad con versiones anteriores, en caso de que se desactive el plugin
Asegúrate de que wp-simple-firewall se ejecuta una vez cuando se llama desde múltiples componentes
Actualización para el componente Rewrite Slash, usa una reescritura condicional para asegurarte de que el código no se active para el método POST

1.5.3.1

Fix JSON encoded urls when using SSL

1.5.3

Remove _relative_domain_url_replacements_ssl_sq and _relative_domain_url_replacements_ssl_dq replacements for buffer as being integrated to other variables
Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
Typos fix for CDN texts
Additional description for «Block any JSON REST calls» option to prevent Gutenberg block
Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls

1.5.2.2

Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes

1.5.2.1

Fixed upload rewrite by using default_variables[‘upload_url’]
Verificación de compatibilidad con WordPress 5.0

1.5.2

Se ha actualizado los archivos de idiomas po
compatible con CDN cuando se usan urls personalizadas
Moved the action replacement for wp_redirect_admin_locations at _init_admin_url()
Trigger the action replacement for wp_redirect_admin_locations only if new admin slug exists
Preserve absolute paths when doing relative replacements
Populate upload_dir() data with new url if apply
When doing reset, empty all options before fill in existing with default to ensure deprecated data is not being held anymore

1.5.1.2

Do not redirect to new admin url unless rewrite_rules_applied()
Generate no rewrite rules if there’s no options / reset
Se ha eliminado cualquier variable pasada al llamar a la acción do_action(‘wph/settings_changed’) ya que la función no puede aceptar ningún argumento.
Re-generate a new write_check_string on settings change to ensure if no .htacccess / web.config file is writable, it trigger correct error and flag the disable_filters variable.
Use inline JS code confirmation for Reset Settings, in case the separate JavaScript file is not loaded caused by an rewrite issue.
Reset confirmation message update to better inform the admin upon the procedure to follow.
WPEngine environment check, as they do not support Apache rewrite out of the box
Strip off protocol and any www prefix for site_url and home_url to ensure accurate comparing
Fixed redirect url when saving the options and WordPress deployed in subfolder
Fixed redirect url when reset all options and WordPress deployed in subfolder
Improved compatibility for WordPress subfolder install
Fixed some rewrite lines when WordPress installed in a path and subfolder
Replaced the internal variable permalinks_not_applied to more intuitive custom_permalinks_applied
Restart the buffering if flushed out, mainly used for footer when updating plugins and themes
Add textdomain for multiple untranslated texts
Updated PO language file
Fixed textdomain for couple texts
Add text to textdomain

1.4.9.1

Updated MU Loader, if there’s no plugin active avoid to receive any notice.
Allow new wp-login.php
Disponible versión PRO
Check if there’s a ‘message’ key for arguments set through wp_mail filter
Se ha actualizado los archivos de idiomas po

1.4.8.2

WPML compatibility when use different domains for each language
Se ha sustituido google social ya que produce algunos errores de JavaScript.
Do not apply the admin/login replacements if permalinks where not applied.
Language Po file update
Minify replaces ‘Remove new line carriage’
Minificar Html, Css, JavaScript
Opciones para que Minify comprima los diferentes componentes
Arreglado el conflicto con Shield Security

1.4.7.6

Compatibilidad con PHP 7.2
Replaced trilingslashit from the end of template url to improve compatibility with urls (e.g. JavaScript variables) which does not include an ending slash.

1.4.7.4

WooCommerce downloadables fix when using custom slug for uploads
Include support for admin_url() along with admin-ajax.php
Fixed redirect link after user register.
Use get_rewrite_base and get_rewrite_to_base for all modules to apply correct site path and any WordPress subdirectory install
WordPress subdirectory install compatibility fix
Improved router file processor for WordPress subdirectory installs

1.4.7

Rewrite changes for many components
Rewrite update for admin and login url
Typos fix
Compatibility for diferent environments, when WordPress deployed in a domain root, a subdirectory, or it’s own folder https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

1.4.6.6

Fixed rewrite ens slashes for wp-login.php and wp-admin components

1.4.6.5

Fixed hardcoded wp-register.php within rewrite – root files component
Updated components to rewrite_base / rewrite_to system
Improved components: Rewrite – WP Includes, Rewrite – WP Content, Rewrite – Plugins, Rewrite – Uploads, Rewrite – Comments, Rewrite – Root Files, Admin – wp-login.php, Admin – Admin Url
Typo fix environemnt to environment
New Component – Remove Shortlink Meta
New Component – Remove new line carriage
Apply relative paths change on styles only if main theme / child theme rewrite slug is not empty
Improved interface errors and warnings transient structure
Use ABSPATH and Environemnt data to create file path for file processing, instead just ABSPATH, for better compatibility

1.4.5.6

Prevent the wp-register.php redirect to new login page when using block
Prepare plugin for Composer package
URL Slash description update
xml_rpc_path add php_extension_required validation
File processor use ABSPATH instead DOCUMENT_ROOT environment variable to avoid different paths on certain systems
Allow path structure to be used for New Theme Path and Child – New Theme Path

1.4.5.1

Media Galery src images fix
Use separate variables for holding replacements to avoid key overwrite

1.4.5

Add replacements for urls which does not contain explicit protocol e.g. http: or https:
Avada cache URLs replacements support
Fix processing_order for specific root files
Ignore wp-register.php when blocking other wp-* files
Fixed wp-register.php block
Check for replacements on url encoded links
Show message notices on General/HTML -> Html for options which may interfere with themes.
sanitize_file_path_name fix when slug include a file type extension
Prevent redirect to new url when accessing links through www
New component Feeds
Windows – Global file process rewrite rules update

1.4.4.4

If no server type identification possible, try to check for .htaccess file
Improved .htaccess search mod, Use preg_grep for identify the begin and end of WordPress rules
Output notice when no supported server was found
Use separate block of rules for .htaccess file, outside of WordPress lines
Improved server htaccess support check
Moved WPH_CACHE_PATH constant declaration from mu loader to wph class
Use shutdown hock instead wp_loaded when plugin inline updated
Use FS_CHMOD_FILE for $wp_filesystem->put_contents

1.4.4.2

Fixed default wp-content block
Updated compatibility with WP Fastest Cache
Fixed wp-content replacement

1.4.4.1

Replace the file-process file remove update

1.4.4

New component : Robots.txt to control the outputed data
Check if any environment variable has changed before Update static environment file
Improved Default constants map
File-processing check WordPress wp-load.php down the path, for custom install directory.
Templates style clean
Use cache for cleaned styles files
Set HTTP_MOD_REWRITE environment variable through mod_rewrite
Separate rewrite rules from WordPress and use distinct block with specific marker
Add relative .htaccess file manipulation to avoid accessing permissions when WordPress installed within a subfolder.
Updated .po language file

1.4.3

Tags update

1.4.2

Replaced «Remove description header from Style file» and «Child – Remove description header from Style file» functionality

1.4.1

Security improvments

1.4

Fix: Allow only css files to be processed through the router to prevent other types from being displayed arbitrary.
Mu-loader updated version
Environment allowed path to limit css files processing
Include _get_plugin_data_markup_translate ratter WordPress method
Fix: replacement_exists returned wrong response since not using priority keys
Fix: Add media replacement, use correct replacement_exists function call
Router check for client HTTP_ACCEPT_ENCODING type to start ob_start using ob_gzhandler or not.
Update urls dynamically within stylesheets files e.g. include ‘../theme-name’
Use trailingslashit for theme / child new urls to make sure it match full url instead partial theme name (e.g. main-theme and main-theme-child)
Block wp-register.php
get_home_path rely on DIRECTORY_SEPARATOR for better compatibility
Check if plugin slug actually exists within all plugins list on re_plugin_path component

1.3.9.2

Fix: Use of undefined constant WPH_VERSION

1.3.9.1

Fix: Child theme settings not showing up
Use register_theme_directory if empty $wp_theme_directories
Plugin Options validation improvements for unique slug

1.3.9

General / Html > Meta -> new option Remove DNS Prefetch
New component – Comments
Fix: Updated admin urls on plugin / theme / core update page
fix: WP Rocket url replacements for non cached pages
Regex patterns updates for better performance and compatibility
Fix: WP Rocket – support HTML Optimization, including Inline CSS and Inline JS

1.3.8.1

Fix – Create mu-plugins folder if not exists

1.3.8

WP Rocket plugin compatibility module
Plugin loader component through mu-plugins for earlier processing and environment manage
Fix: Plugins Update iframe styles src
Fix: WordPress Core Update redirect url
WP Fastest Cache plug in compatibility improvements

1.3.7

Sanitize Admin Url for not using extension (e.g. .php) as it confuse the server upon the headers to sent
Fix: replacements links when using custom directory for WordPress core files
Fix: child theme path fix when changing style filename
New Theme Path – help resource link fix
Changed from DOMDocument to preg_replace for better compatibility with themes and plugins
Improved execution speed

1.3.6.3

Fixed PHP Notice: Undefined variable: dom

1.3.6.2

W3 Total Cache – Page Cache compatibility fix
Canonical tag replacement improvements
Pingback tag replacement improvements
Fix custom Background Images for body on themes which support that feature

1.3.6

Post-process on options interface save for unique slugs on any text inputs to prevent conflicts.
Processing Order change for new_theme_child_path to occur before new_theme_path
New COmponent General -> Oembed
Remove Oembed tags from header
Remove Remove Resource Hints tags from header
rewrite rules update to match only non base, from (.*) to (.+)
wph-throw-404 improvements
BuddyPress conflict handle for uploaded gravatars
Admin Style changes
BuddyPress Conflict Class handler
Separate WordPress meta Generator and Other Meta Generator
Process Location value within sent Headers list if exists
Replacements for https and http urls relative to domain
Add replacements for relative paths to cover WordPress installs within a folder.
Use untralingslashit when creating theme and child theme url replacements
Fix for Call to a member function is_404() on a non-object within wp_redirect

See full list of changelogs at https://wp-hide.com/plugin-changelogs/