We all love WordPress, but in most cases we prefer to hide the fact that we are using a blogging platform for our entire business.
From other side every day a couple of new security bugs found in plugins, themes and WordPress itself. This is natural for a popular software but are we safe? Can all plugin authors be notified timely about bugs? Are all of them responsible for security problems they generated? or Can we update our themes and plugins everyday? Hide My WP created to help us. It not only boosts our security but it also allows us to have more beautiful URLs and permalinks!
Boost your security
Hide My WP control access to PHP files. It protects your site from almost 90% of SQL-Injection and XSS attacks caused by direct access to PHP files. This means you can install unsafe plugins without worry about security.
Change WordPress permalinks
The magic starts now… But before it please note everything is in its default location and we just control access to it. This guarantees maximum compatibility for our plugin.
Hide your wp-login.php
- Try this: wpwave.com/wp-login.php
- Not found!? OK. Try this one: wpwave.com/wp-login.php?hide_my_wp=1234
Hide wp – admin folder and all of its files (for untrusted users)
- wpwave.com/wp-admin/ – Not found!
Change WordPress theme directory, remove theme Info from stylesheet, replace default WP classes and finally minify it!
- wpwave.com/template/main.css (Instead: wp - content / themes / twentytwelve / style.css)
Change plugins directory and hash plugins name
- wpwave.com/modules/0f6a208e/shortcodes.css or even /template/ext/0f6a208e[...] (Instead: wp – content /plugins/zilla-shortcodes/shortcodes.css)
- wpwave.com/modules/0f6a208e/shortcodes.php – Not found! (Deny access!)
Change wp – includes folder, upload URL, AJAX URL, etc.
- wpwave.com/lib/js/jquery/jquery.js or even /template/lib/jquery[...] (Instead: wp – includes / js/jquery/jquery.js)
- wpwave.com/file/test-image-landscape.jpg (Instead: wp – content / uploads / test-image-landscape.jpg)
- wpwave.com/ajax.php – Print 0 (Instead: wp – admin / admin-ajax.php)
Change WordPress query URLs:
- New URLs:
- Old, not working URLs:
- wpwave.com/?p=1 – Nothing happen!
- wpwave.com/?author=1 – Nothing happen!
- wpwave.com/?s=hide – Nothing happen!
Change author permalink (or disable it!)
- New: wpwave.com/admin or wpwave.com/profile/admin (Optional)
- Old: wpwave.com/author/admin – Not found!
Change or disable feeds
Hide all other WordPress files!
Disable WordPress archives, categories, tags, pages, posts, etc
Continue reading there’s still more!
- Easily replace any words in your html output file!
- Notify you when someone is mousing about your WordPress site (included with visitor details like IP, user agent, referrer and even username!)
- Compress html output and remove comments in source code
- Remove WordPress meta Info from header and feeds
- Change default WordPress email sender
- Custom 404 page!
- Remove unnecessary menu classes
- Clean up body classes
If there is still ambiguity, please check out screenshots or leave a message.