Update: Hide My WP 4.03 has been released!
Introducing Intrusion Detection System:
This is one of the most important features so far! Remember, what happened few months ago for Revolution Slider and Showbiz. There was a serious vulnerability which affects lots of premium themes and websites. Now IDS is here to protect your site against similar issues in future! Technically, it monitors all of requests of the site and assign a number (i.e. Impact Factor) to each request base on tens security checks. Impact factor indicates how much dangerous is that request. Should it be blocked? Should site admin be notified about it or we should just log it for future validity check. It’s useful against almost any type of attacks, any vulnerable plugin or theme! It may takes some time to trade off configuration in order to minimize false positives.
Did you know:
Hide My WP created to help us. It not only boosts our security but it also allows us to have more beautiful URLs and permalinks!
YES!! I saw this earlier today but just couldn’t resist to put off buying it. And I must say this plugin works just as described.
I love it! And I gave the official 3rd rating so now you have 5 STARS PressPrime Thanks.
I really think you are onto something highly unique with this plugin. For a few years now, I’ve been wishing someone could develop something that can help protect files, folder names, etc and you have clearly worked very hard to do just that. Keep up the great work! I look forward to seeing what else you come up with! * 5 Stars! *
As a veteran of a thousand psychic wars… this is fabulous and is most useful! Good on Ya! for making this one! I wish you many sales as they are well deserved. For privacy… what man can pay a price as that? Privacy is key If one wants to take it… Molon Labe.
Keep up the work as we are in need of your talent. Thank you
5 stars to u! My website has lots of plugins and I wasn’t believe your plugin will work with them but I was wrong. Super
Boost your security
Hide My WP control access to PHP files. It protects your site from almost 90% of SQL-Injection and XSS attacks caused by direct access to PHP files. This means you can install unsafe plugins without worry about security. You know hackers, spammers and bots all love WordPress, too with Hide My WP they can’t recognize (or access to) WordPress and simply ignore you!
Change WordPress permalinks
The magic starts now… But before it stick in your mind we don’t change any file or folder and everything is in its default location! we just control access to it and this guarantees maximum compatibility for the plugin.
- Try this: wpwave.com/wp-login.php
- Not found!? OK. Try this one: wpwave.com/wp-login.php?hide_my_wp=1234
Hide or change wp-admin and all of its files (for untrusted users)
- wpwave.com/wp-admin/ – Not found!
- or Change it to wpwave.com/my-admin/
Change WordPress theme directory, remove theme Info from stylesheet, replace default WP classes and finally minify it!
- wpwave.com/template/main.css (Instead: .../wp-content/themes/twentytwelve/style.css)
Change plugins directory and hash plugins name
- wpwave.com/modules/0f6a208e/shortcodes.css (Instead: .../wp-content/plugins/zilla-shortcodes/shortcodes.css)
- wpwave.com/modules/0f6a208e/shortcodes.php – Not found! (Deny access)
Change upload URL, wp-includes folder, AJAX URL, etc.
- wpwave.com/file/test-image-landscape.jpg (Instead: .../wp-content/uploads/test-image-landscape.jpg)
- wpwave.com/lib/js/jquery/jquery.js (Instead: .../wp-includes/js/jquery/jquery.js)
- wpwave.com/ajax.php – Output 0 (Instead: .../wp-admin/admin-ajax.php)
Change WordPress queries URL:
- New URLs:
- Old, not working URLs:
- wpwave.com/?p=1 – Nothing happen!
- wpwave.com/?author=1 – Nothing happen!
- wpwave.com/?s=hide – Nothing happen!
Change author permalink (or disable it!)
- New: wpwave.com/admin or wpwave.com/profile/admin (Optional)
- Old: wpwave.com/author/admin – Not found!
Change or disable feeds
- New: wpwave.com/index.xml
- New: wpwave.com/cat/aciform/index.xml
- Old: wpwave.com/feed/ – Not found!
- Old: wpwave.com/cat/uncategorized/feed/ – Not found!
Hide all other WordPress files!
Disable WordPress archives, categories, tags, pages, posts, etc
Continue reading there’s still more!
- Easily replace any words in your html output file!
- Notify you when someone is mousing about your WordPress site (included with visitor details like IP, user agent, referrer and even username!)
- Compress html output and remove comments in source code
- Remove WordPress meta Info from header and feeds
- Change default WordPress email sender
- Custom 404 page!
- Remove unnecessary menu classes
- Clean up body classes
4.03 – 02/14/2015
- New Option to replace new URLs in AJAX responses - BUG FIX: Inserting media with safe HTML minify enabled
4.02 – 02/06/2015
- Bug Fix: wp-signup.php was hided - Bug Fix: WP IDS rules were updated - Bug Fix: Make New admin path work in Multisite - Bug Fix: Purchase code remains after importing new settings - Bug Fix: New admin path for Nginx webserver - Improvement: IDS alert email is reformatted - Improvement: More readable info for IDS log
4.01 – 11/12/2014
- Compatibility with Hyper Cache, WP-Rocket - General improvement for auto update - A bug fix related to displaying message
4.00 – 11/06/2014
- NEW: Introducing IDS (Intrusion Detection System) with customized rules for WP - NEW: Auto plugin update (require valid purchase code) - NEW: Finally official support for IIS (Windows servers!) - NEW: Undo previous settings whenever you want! - NEW: Light settings scheme was added - NEW: Ability to use backslash in Replace in HTML - IMPROVEMENT: Full compatibility for gantry-based themes - IMPROVEMENT: Options mapper was written - IMPROVEMENT: Automatic compatibility test has been added to guide users - FIX a bug caused by author base default value - FIX year numbers bug (for upload directory)
3.0 – 07/02/2014
- NEW: Ability to rename wp-admin! - NEW: Simple and sweet anti-spam - NEW: Disable directory listing for plugins and themes and WP - WP 1.9 compatibility plus UI adjustment - Deactivating HMWP now store saved settings - API filter added to resetting to defatults - wp-cron.php and upgrade.php added to whitelist - Fixed a bug in page preview - Fixed feed and canonical URL issue - Fixed multisite table prefix - Fixed bug in notification message when login address has changed - Fixed multiple messages in settings page - Fixed problem with minify plugins that cause 400 error - Fixed base address problem in configuration of some multisite installs - Fixed a bug in register URL - Fixed a notice message
2.2 – 11/20/2013
-Bug Fix: Now entering Purchase Code will remove annoying warning messages -Bug Fix: Compatibility with /subdirectory/subdirectory/(..) network-enabled installs -Improvement: WordPress 3.7 compatibility -Improvement: Canonical URLs is now enabled by default (plus for settings schemes) -Improvement: Several colorful messages added to reduce support queries -Bug Fix: Buddypress pages bug (in some conditions) -Bug Fix: Fix /wp-login.php/ URL -Bug Fix: Remove a notice warning in generating debug report
2.1 & 2.11 09/21/2013
- Bug Fix: A problem in replacing new URLs (2.11) - New Feature: Login parameter 'hide_my_wp' is now changeable! - Improvement: W3 Total Cache Minify module works now! (Read FAQ) - Improvement: Better blocking of CMS finder tools - Improvement: W3TC credit text will be removed automatically (for untrusted users) - Improvement: Presstrends code added - Bug Fix: Log out problem in some environments - Bug Fix: Warning message appeared in some environments - Bug Fix: A number of fixes in helper class
2.01 – 08/11/2013
- Bug Fix: Added Replace in HTML back - Bug Fix: Correct a warning message
2.0 – 08/10/2013
- Improvement: Full WordPress 3.6 compatibility - Feature: Replace, rename or hide any file or folder - Feature: Simple page compression added - Feature: Block access of CMS finders tools to pages (beta) - Improvement: Change order of header info to hide WP better - Improvement: Add xmlrpc.php to excerpt list by default - Improvement: Cached CSS age extended to 3 days - Improvement: Better description and messages for easier configuration - Bug Fix: Scheduling problem for plugins like Backup Buddy was fixed - Bug Fix: Preview button problem in new post page was fixed - Bug Fix: Problem in full SSL websites was fixed - Bug Fix: Notice message appear in update settings was fixed - Minor changes
v1.81 & 1.82 – 06/10/2013
- Bug fix: A bug caused problem with new upload path in subdomain installs - Bug fix: Removed unnecessary success messages for reset defaults, import, etc. - Bug fix: Removed an unnecessary warning message. (1.81) - Bug fix: Correct miss-spelled labels
v1.8 – 06/08/2013
- Feature: Ability to choose manual configuration to use customized htaccess - Improvement: Better quick fix guide - Bug Fix: External uploaded WordPress images now works correctly - Bug Fix: CSRF flaw detected by Julio (boiteaweb.fr) - Bug Fix: Trim Replace in HTML field - Bug Fix: Better replace for WooCommerce plugins - Minor changes
v1.7 – 05/06/2013
- Feature: Ability to replace JS URLs for different entities (e.g. \ /wp-content\ /themes) - Improvement: BulletProof Security plugin compatibility - Improvement: Ability to replace codes with '=' sign using [equal] tag - Bug Fix: Child themes bug fix - Bug Fix: A bug in exporting Replace in HTML content - Bug Fix: A bug in exporting values with double slashes - Minor changes in UI
v1.6 – 04/20/2013
- Feature: Ability to rename all plugins (useful for plugins located in premium themes) - Improvement: New and better settings scheme - Improvement: Added quick fix guide to Start tab - Files: Update file structure to work with new Codecanyon changes - Bug Fix: ob_start bug fix for better compatibility - Bug Fix: Search widget bug - Bug Fix: Hide login, admin, etc. shortcuts - Bug Fix: Replace all AJAX URLs - Bug Fix: Fix a bug in Nginx rewrite rules in sub-folder installs - Documentation: Added documentation for Nginx and multisite configuration - Minor changes
v1.5 – 04/04/2013
- Performance: Up to 3 times faster with new partial replace mode! - Feature: Nginx and Multi-site support. - Feature: Child themes support - Feature: Two different minify options for HTML and CSS - Feature: Better compatibility with two additional options for PHP files access - Feature: Option to hide _wpnonce and theme screenshot - Improvement: Better support for sub-directory installs - Improvement: More compatibility for class clean up options - Bug Fix: Style path bug - Bug Fix: Fixed login URL problem and better compatibility with login-related plugins - Minor bug fixes
If there is still ambiguity, please check out screenshots or read our FAQs.