5597 comments found.
Hi, is there a way to see which IP addresses I have added to the Exception Fields List and remove some of them?
Yes, you can see them in “Blocked IPs” list under IDS Firewall tab.
I don’t mean the ones I have blocked. I was thinking about the ones I have excluded. I can’t seem to find them anywhere ones I have excluded them.
The IPs you have banned in “Dashboard >> Intrusions” section will be auto added to “Blocked IPs” list under IDS Firewall tab.
I know that but I’m referring to the IP’s I have excluded. You can both exclude and ban IP’s in the “Dashboard >> Intrusions” section. Where can I find the excluded IP’s?
You can only view/remove the banned IPs, but not excluded IPs.
So if I accidentally add an IP to excluded list, which should have been banned, I won’t be able to remove it? That’s not good! 
Unfortunately this website https://itrack.ru/whatcms/ able to recognize Wordpress of you example – http://hide-my-wp.wpwave.com
Hi, we’ll check this and get back to you. We have to be up-to-date with various detectors as they keep on changing their detection algorithm. Thanks!
ok, if the plugin will work correctly I’ll buy. So I’m waiting for you check. Thanks!
Hi, we did some testing and https://itrack.ru/whatcms/ is also detecting wordpress in a webpage which is not a wordpress site. It’s detecting it as a WP site just because of presence of some wordpress related words.
We recommend to use trusted detectors like https://www.wpthemedetector.com/, https://whatcms.org, etc.
ok, thanks for comment! Does it work correctly with WooCommerce? And general what specificity work with other plugins (install, work, and development own plugin on a website) in case use the plugin? Thanks.
Yes, it’s compatible with woocommerce and almost all the plugins and themes available in market. I didn’t get your 2nd point above!
does this plugin still replace/rename wp-admin from the url fulltime?
Hi, yes, you can rename wp-admin path name with this plugin.
Hi, 500 internal server error occurred due to wrong plugin setting. So I deleted the plugin and restored my blog again. Then, when I try to reinstall the plugin, I still get the same error. Can I re-use the plug-in once I make a mistake? thank.
Hi, please try these:
1) In “wp_options” table in your database, delete the rows with following “option_name”. Please backup your database first.
- hide_my_wp
- hide_my_wp_undo
- hmwp_ids_installed
- hmw_all_plugins
- external_updates-hide_my_wp
- hmwp_spam_counter
- hmwp_temp_admin_path
2) comment out or remove following line from wp-config.php (if you have added it there previously)
define(“ADMIN_COOKIE_PATH”, ”/NEW_WPADMIN_PATH_NAME”);
Then you can try re-applying the settings in HMWP..
Hi, thanks for the answer. But I do not know how to use the database. Database restoration is supported by the hosting company. So I try to restore the database before the error occurs. Is it anyway?
Is there any error?
In that case, please raise a support ticket at http://support.wpwave.com regarding the issue. Thanks!
Hi, We’re using Ninja firewall. What are the steps I need to take to make sure I’m not locked out as admin? Do I need to whitelist the new login URL with the query string? Thanks.
Hi, we recommend you to try applying “Medium privacy more compatibility” settings scheme from HMWP start tab. In this case, the defautl login url will be /wp-login.php?hide_my_wp=1234
If in case the login url is blocked do let us know.
Hi Can i use this plugin in my main domain.com and other subdomain in.domain.com pk.domain.com ae.domain.com from one license
Hi, it’s one license one site. So, you’ll need separate license for each of your websites. But if it’s WP multisite you’ll need only one license.
Totally mess up with Bimber theme. I tried it and the whole website was all messed up…all images don’t show afterwards, plz help
Hi, can you please generate debug report from HMWP start tab and post it in the support forum (http://support.wpwave.com) as private reply? Thanks!
It seems like you have already created a support ticket. Let’s connect there.
Hi,
I have bought your plugins today, and need some help to fix issue with /wp-admin/ which is working for Admin, not for other users.
Hi, please try setting “trusted user roles” for the users in HMWP General Settings tab. If it’s still the issue then please create a support ticket regarding the issue at http://support.wpwave.com
Hi, i have purchased a license for a site i am currently doing, however at the moment it is in a test environment, if i activate the plugin in the test environment will this prevent me from using it on the live version? (as i only have the one key)
I would preferably like to see how it works before deploying it in case it causes issues!
Hi, you can use it in test environment, and when you go live make sure that you use the license there alone and delete it from the test environment.
Hi,
I want to buy your plugins, but have some questions:
1. Does your plugins completely hide wp-admin/, wp-content/, wp-include/, etc. from the address bar of the browsers as well as from Source Codes seen on the browsers?
For example, I basically want to hide wp-admin/myfile on address bar and want users to see module1/ or module1/myfile instead. And it should be like that in Source Codes on browsers too. Can your plugins do that?
2. Does it hide default WP login, register, logout, reset password pages? I basically dont want them to be seen on any other pages; i just want them to disappear completely on my site as I use custom pages for them
Cheers
Thon
Hi,
1) Yes, it does. You can rename wp-admin, wp-content, wp-includes, etc. Please check our demo WP site – http://hide-my-wp.wpwave.com
But be noted that HMWP is to hide wordpress only from frontend (not from backend)
2) Yes, it does. The default login URLs like /wp-login.php, /wp-admin will return 404 error page, and you can have your custom login url like www.yourdomain.com/login/
Are they hidden from broswers’ address bar?
You said /wp-admin/ will return 404; What about Admin login page at:
www.mydomain.com/wp-admin
How can Admin log into the backend?
Cheers
Thon
You can make www.mydomain.com/wp-admin and www.mydomain.com/wp-login.php return 404 error in HMWP settings, and specify your custom login url like www.mydomain.com/wp-login.php?SecretKey or www.mydomain.com/my-login/
In our demo site, you can access it with http://hide-my-wp.wpwave.com/wp-login.php?hide_my_wp=1234
is it monthly/yearly subscription or one off payment for your plugins?
How many sites can I use it on?
Cheers
Thon
It’s one time payment and you’ll get lifetime support and updates. It’s one license one website.
-so I dont have to pay for 12 month support; just buy the plugins only?
-I have issues with .htaccess file permission earlier which causes my whole server to display 500 error; and I had to reinstall the whole server. htaccess can be edited via FTP, but not via SSH – that is an issue. My website is using Apache2 on Centos 6.
Will your plugins be OK with .htaccess file permission as mentioned above?
Cheers
Thon
Yes, you can just buy the plugin.
HMWP is fully compatible with Apache server (htaccess). There shall be no issue. If in case there’s any issue, our dedicated support (http://support.wpwave.com) is there to help you out.
thanks
is this plugin can hide wordpress themes and plugins from “wordpress theme detector” ?
Hi, yes, it is what this Plugin’s primary job is.
Can I hide via this plugin info from code: generator: wpbakery ???
Hi, yes, you can do that.
Very tired of putting the purchase code again and again.
Hi, what exactly is the issue? Isn’t the purchase code accepted? What’s the error msg you are getting?
Will this plugin work with the Divi theme by Elegant Themes?
If so, I will buy it because it looks like a great plugin from what I’m seeing.
Hi, yes it is compatible with Divi theme.
Hello. I checked my site to make sure you cannot still access mydomain.com/wp-admin and it actually redirected to my hidden key login url that I have set with your plugin. Can you please advise why it would be doing this? It was working…
Hi, can you please generate debug report from HMWP start tab and post it in the support forum (support.wpwave.com) as private reply.
Hi, nobody answer me, I tried to contact you via the support page….
Hi, we’ve replied to all the support tickets. Can you please let us know your ticket url if in case we’ve missed it?
Hi, yes thank you, I replied it because it seams that the plugin doesn’t hide the wordpress information
Let’s connect there. Thanks!
Dear – one issue with your plugin & theme
I use AVADA and your plugin – everything works fine until i change the admin base
When i change the admin-wp to something other (which works fine) – Avada cannot save theme changes anymore – it shows error in server operations – “there was a problem with your action. pls try again or reload page”
When i delete this change with admin-wp slug change – it works again
How to fix this?
Thx
Hi, can you please raise a support ticket at http://support.wpwave.com/ regarding the issue? Also, generate debug report from HMWP start tab and post it there as private reply.
ok i have added an entry at support desk - #20716
Replied there!
Dear – in the changelog is written
”- Added: Support to hide WP Rocket plugin”
Where is this setting to find in plugin options?
Or does it work by itself when wp-rocket plugin is installed?
If yes, does wp hide detect it or is any refresh needed ? – or how does it work
Thanks
Hi, make sure that “Auto Configuration” option in HMWP Replace Tools tab is enabled/checked.
Hello if i enable the plugin hold site is broke. a lot problems only enable the plugin
Hi, it’s most probably the issue with htaccess file. Please generate debug report from HMWP start tab and post it in the support forum (support.wpwave.com) as private reply.
What does this mean for my site?
The following potential attack has been detected by HMWP IDS.
If it’s you please Exclude that parameter or increase Notify Threshold from IDS settings. In most cases you don’t need to do anything. Hide My WP protects you!
IP: 138.197.26.255 User ID: Date: 2018-03-18T07:12:08+00:00 Total Impact: 602 Affected tags: xss csrf id rfe lfi
Affected parameters: REQUEST.q=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.w=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.e=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.r=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.t=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.y=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.u=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.i=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.o=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.p=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.a=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.s=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.d=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.f=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.g=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.h=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.j=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.k=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.l=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.z=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.x=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.c=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.v=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.b=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.n=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.m=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.eval=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.enter=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, REQUEST.cmd=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.q=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.w=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.e=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.r=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.t=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.y=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.u=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.i=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.o=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.p=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.a=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.s=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.d=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.f=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.g=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.h=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.j=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.k=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.l=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.z=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.x=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.c=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.v=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.b=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.n=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.m=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.eval=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, GET.enter=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.q=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.w=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.e=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.r=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.t=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.y=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.u=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.i=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.o=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.p=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.a=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.s=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.d=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.f=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.g=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.h=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.j=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.k=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.l=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.z=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.x=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.c=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.v=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.b=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.n=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.m=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.eval=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.enter=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B, POST.cmd=die%28%26%23039%3Bz%21a%26%23039%3B.%26%23039%3Bx%26%23039%3B%29%3B,
Request URI: /?q=die(‘z!a’.’x’);&w=die(‘z!a’.’x’);&e=die(‘z!a’.’x’);&r=die(‘z!a’.’x’);&t=die(‘z!a’.’x’);&y=die(‘z!a’.’x’);&u=die(‘z!a’.’x’);&i=die(‘z!a’.’x’);&o=die(‘z!a’.’x’);&p=die(‘z!a’.’x’);&a=die(‘z!a’.’x’);&s=die(‘z!a’.’x’);&d=die(‘z!a’.’x’);&f=die(‘z!a’.’x’);&g=die(‘z!a’.’x’);&h=die(‘z!a’.’x’);&j=die(‘z!a’.’x’);&k=die(‘z!a’.’x’);&l=die(‘z!a’.’x’);&z=die(‘z!a’.’x’);&x=die(‘z!a’.’x’);&c=die(‘z!a’.’x’);&v=die(‘z!a’.’x’);&b=die(‘z!a’.’x’);&n=die(‘z!a’.’x’);&m=die(‘z!a’.’x’);&eval=die(‘z!a’.’x’);&enter=die(‘z!a’.’x’); Origin: 31.168.11.107
Hi, HMWP IDS detects malicious requests coming to your site and notify you about it. But all these requests might not be harmful and you need not worry as HMWP IDS will take care of this and will block the malicious requests if Impact level is more than 20 (default value specified in HMWP IDS). You can stop receiving emails regarding this by setting “Notification Threshold” option to 0 in IDS Firewall tab.
Note: If in case, valid request is also listed as intrusion then hover over that request name and click on Exclude link to add it to exception list.
This item was featured on CodeCanyon
Elite Author
Contact the Envato Market Help Team
