Linux 软件免费装

在这里免费安装WordPress以及其他软件

Banner图

WP Ghost (Hide My WP Ghost) - Security & Firewall

开发者 johndarrel
更新时间 2026年4月2日 19:50
PHP版本: 7.4 及以上
WordPress版本: 7.0
版权: GPLv2 or later
版权网址: 版权信息

标签

security login firewall brute force hide my wp

下载

5.2.02 1.1.008 1.1.013 1.1.021 1.1.023 1.1.033 2.0.05 2.0.12 3.1.00 3.1.02 3.2.01 3.3.00 3.3.03 3.4.00 3.5.00 3.5.01 5.0.20 4.1.03 4.0.09 5.0.02 4.0.08 5.0.01 2.0.16 4.1.08 4.1.09 4.1.07 4.1.10 5.0.23 5.0.12 5.0.14 5.5.01 5.0.13 5.0.17 4.1.06 5.0.10 7.0.00 4.1.02 5.0.11 5.0.15 5.0.18 5.0.22 5.0.16 4.1.05 4.0.10 5.0.26 5.3.00 5.3.02 4.1.11 5.4.02 5.4.03 5.2.01 5.4.07 5.4.06 5.1.01 5.4.05 5.0.27 5.1.02 5.2.04 5.0.29 5.2.03 5.1.03 5.3.01 5.4.01 5.0.28 5.5.02 4.0.11 5.5.04

详情介绍:

WP Ghost (formerly known as Hide My WP Ghost) is a professional-grade, comprehensive hack-prevention security solution for WordPress. Built for speed and engineered for maximum defense, WP Ghost provides a multi-layered security architecture designed to block hacker bots, neutralize automated scanners, and stop the hack before the reconnaissance even begins. While traditional security tools focus on Detection (scanning for malware after a breach) or Signature-Filtering (blocking known exploits), WP Ghost focuses on Architecture. By implementing Paths Security and Site Hardening, we remove the digital footprints that make your site a target for automated botnets, providing a proactive foundation that secures your site before it can even be identified as a target. [youtube https://youtu.be/QMdoSN8dk1c] WP Ghost Global Stats: Official websites: WP Ghost (wpghost.com) Hide My WP Ghost (hidemywpghost.com) Stop Attacks with Paths Security & Architectural Hardening Most WordPress attacks are automated. Bots scan millions of sites per hour looking for default paths like /wp-admin or /wp-login.php to confirm a site is running WordPress. Once confirmed, they launch targeted exploits against known plugin or theme vulnerabilities. WP Ghost breaks this cycle. By changing and securing common paths, you reduce your attack surface by up to 90%. This isn't "obscurity", it's Site Hardening. We re-engineer the visible structure of your site so it is no longer a low-hanging fruit for global botnets. Key Protections Included WP Ghost is packed with advanced defensive mechanisms to protect your site against: Over 115 Free Security Features Included We believe professional security should be accessible to everyone. The free version of WP Ghost includes a massive suite of tools to harden your WordPress architecture. 1. Change and Secure Paths (Paths Security) 2. Next-Gen Firewall & Authentication 3. Deep Hiding & Footprint Removal 4. Advanced Disable Options 5. Brute Force Protection 6. Extra Tools & Integrations Premium Hack-Prevention Features For agencies and high-traffic sites, WP Ghost Premium adds advanced features focused on Security Intelligence, Automated Response, and Copyright Protection. Hide My WP Premium Feature

安装:

From your WordPress Dashboard Step 1. Navigate to Plugins > Add New. Step 2. Search for "WP Ghost". Step 3. Click Install Now and then Activate. Step 4. Go to the WP Ghost menu in your sidebar. Step 5. Enter your email address to receive your instant Free Access Token. Step 6. Follow the built-in Setup Wizard to begin hardening your paths. Manual Installation Step 1. Download the hide-my-wp.zip file from the WordPress repository or your WP Ghost account. Step 2. Log in to your WordPress dashboard as an Administrator. Step 3. Navigate to Plugins > Add New > Upload Plugin. Step 4. Select the .zip file and click Install Now. Step 5. Click Activate Plugin. Step 6. Connect the plugin with your email address to activate your security features. Resources & Guides For advanced server configurations or detailed walkthroughs, please visit our comprehensive documentation: How to Install and Setup WP Ghost
WP Ghost Knowledge Base:

屏幕截图:

  • **Admin Security**: Change and secure the wp-admin path to block unauthorized dashboard access.
  • **Paths Security**: Customize and secure your login and registration entry points.
  • **Core Security**: Harden your system paths (wp-content, uploads, includes) against bot reconnaissance.
  • **API & AJAX Security**: Secure the REST API and admin-ajax paths to prevent data scraping.
  • **8G Firewall Engine**: High-performance, server-edge threat filtering for proactive hack prevention.
  • **Brute Force Defense**: Integrated Google reCaptcha and Math protection for all authentication paths.
  • **Modern Authentication**: Secure logins with 2FA and future-proof Passkey (Passwordless) support.
  • **Text Mapping**: Dynamically change class names and IDs in your source code to prevent fingerprinting.
  • **URL Mapping**: Re-engineer internal URLs and paths for elite-level site hardening.
  • **Hardening Tweaks**: Deep hide options to remove WordPress version tags and identifiable meta-data.
  • **Redirect Logic**: Custom 404 and role-based redirect options for secured paths.
  • **Safe Access**: Manage Temporary Logins and Magic Links for secure developer access.
  • **Front-end View**: Example of a custom, secured login path (/newlogin).
  • **Attack Blocked**: Default wp-login.php now returns a 404 error to confuse hacker bots.
  • **Access Denied**: Default wp-admin path is fully secured and hidden from public view.
  • **Source Code Proof**: Core WordPress paths transformed and secured to neutralize bot scans.

常见问题:

Does WP Ghost physically move or rename my WordPress files?

No. WP Ghost utilizes high-performance server rewrite rules (Nginx, Apache, IIS) to change the visible paths in your source code. Your actual WordPress files and directories remain exactly where they are, ensuring zero risk to your site’s stability and core updates.

Is WP Ghost a complete standalone solution?

For the vast majority of WordPress sites, Yes. By combining Architectural Hardening with an 8G Firewall and Automated IP Blocking, WP Ghost neutralizes the automated reconnaissance and brute-force attempts that account for over 90% of real-world attacks. It provides a foundational defense that is often statistically sufficient on its own, while remaining fully compatible with "Defense in Depth" strategies involving malware scanners or file-integrity monitors.

Is it compatible with other WordPress security plugins?

Yes! WP Ghost is designed as your "Outer Perimeter" defense. It works perfectly alongside malware scanners and reactive security tools like Wordfence, Sucuri, or Solid Security. By implementing Paths Security first, WP Ghost stops bots before they even get close enough to be scanned by other plugins.

Will changing my paths affect my SEO or Google rankings?

Not at all. WP Ghost handles Sitemap.xml and Robots.txt mapping automatically. This ensures that Google and other search engines can still index your content perfectly, while malicious bots receive a 404 error when attempting to probe your system paths.

What is the difference between Paths Security and "Security through Obscurity"?

Obscurity is simply hiding a key under a mat. Paths Security is an architectural hardening strategy—like moving the door to a secure, unique location and changing the lock. It is a recognized technical hardening standard used by enterprise-grade sites to prevent Bot Reconnaissance.

Does WP Ghost work on WP Multisite and different server types?

Yes. The plugin is fully compatible with WP Multisite (Network-wide configuration) and supports Apache, Nginx, IIS, and LiteSpeed servers.

How do I configure WP Ghost on an Nginx Server?

WP Ghost fully supports Nginx. Because Nginx does not use .htaccess, you will be guided to add the generated rewrite rules to your nginx.conf file manually. We provide specific tutorials for Kinsta, RunCloud, CloudPanel, CWP7, AAPanel, and Ploi.io.

My theme is not loading correctly after changing paths. What should I do?

This usually happens if the server rewrite rules are not yet active.

  • Purge Cache: Clear your WordPress cache and any server-side caching (Varnish, Nginx FastCGI).
  • Manual Rewrites: If your server config file is not writable, copy the rules from WP Ghost and add them manually to your .htaccess or nginx.conf.
  • Restart Nginx: If on Nginx, you must reload/restart the service after saving settings.
  • Free Support: If the issue persists, contact us and we will set up the plugin for you for free.

I am locked out or forgot my custom login URL. How do I get back in?

  • Safe URL: Use the "Safe URL" text file that was automatically generated and downloaded when you saved your settings.
  • Manual Reset: Access your server via FTP/SFTP and rename the folder /wp-content/plugins/hide-my-wp to something else. This temporarily disables the path changes so you can login via the default wp-login.php.

Does WP Ghost work for WordPress.com websites?

Due to the restricted infrastructure of WordPress.com managed hosting, changes to the administrative and login paths are not allowed. However, you can still use WP Ghost for Site Hardening, the 8G Firewall, Passkey Authentication, and other Hack Prevention features.

Is the WP Ghost plugin free of charge?

Yes. The Lite version of WP Ghost will always be free and includes essential WordPress Security updates. To unlock advanced features like IP Block Automation, Geo-Security, and Cloud Monitoring, you can upgrade to WP Ghost Premium.

How can I hide my site from WordPress Theme Detectors?

By using Paths Security to change common directories (plugins, themes, wp-content), you effectively neutralize most automated detectors. For a deep-dive on total anonymity, read our guide: How to Hide Your Site From WordPress Theme Detectors.

Is this plugin enough to protect my website from all hackers?

WP Ghost provides an elite proactive defense by neutralizing the Reconnaissance phase of an attack. While the Free version blocks the vast majority of bot traffic, we recommend the Premium version for advanced Brute Force Protection and Automated Threat Intelligence.

How do I change the WordPress paths in the Admin Dashboard area?

By default, WP Ghost only changes paths on the frontend to ensure maximum compatibility. To harden the admin dashboard as well, add define('HMW_ALWAYS_CHANGE_PATHS', true); to your wp-config.php file and re-save your settings.

Does WP Ghost include a security score?

Yes. WP Ghost 7.0 includes a Security Optimization Score from 0 to 100 that shows exactly how hardened your site is. The score updates automatically as you enable features and complete security tasks. It appears on the Overview dashboard and the Security Check page as both a visual gauge and a numeric value.

Can I customize the WordPress login page with WP Ghost?

Yes. WP Ghost includes a Login Page Designer that lets you add your custom logo, background image, and brand colors to your secured login page. It includes 12 layout presets and 10 color scheme presets. The designer works with your custom login URL, so your branded page is served at your hidden path instead of the default wp-login.php.

Does WP Ghost protect my content from AI training bots?

WP Ghost Premium includes an AI Copyright Protection feature that blocks 30+ AI training crawlers including GPTBot, ClaudeBot, PerplexityBot, CCBot, and Bytespider at the firewall level. It also adds Disallow rules to your robots.txt automatically. This protects your copyrighted content from being used for AI model training without affecting your regular Google, Bing, or Yahoo search visibility. The crawler list is automatically updated with each plugin release.

更新日志:

7.0.00 (31 March 2026) Major Release: Security Score, Login Page Designer, Passkey 2FA, Security Threats Log, User Events Log, GEO Threats Map, and expanded 7G/8G Firewall rules. Free update for all users. Firewall & Security Updates: Compatibility: UI & Experience: 5.5.04 (26 Mar 2026) 5.5.02 (10 Feb 2026) 5.5.01 (22 Dec 2025) 5.4.08 (09 Dec 2025) 5.4.07 (29 Sept 2025) 5.4.06 (21 Aug 2025) 5.4.05 (27 May 2025) 5.4.04 (21 Mar 2025) 5.4.03 (11 Mar 2025) 5.4.02 (04 Mar 2025) 5.4.01 (06 Ian 2025) 5.3.02 (08 Nov 2024) 5.3.01 (07 Oct 2024) 5.3.00 (20 Sept 2024) 5.2.04 (07 July 2024) 5.2.03 (04 July 2024) 5.2.02 (19 June 2024) 5.2.01 (04 June 2024) 5.1.03 (20 May 2024) 5.1.02 (30 Apr 2024) 5.1.01 (10 Apr 2024) 5.0.29 (19 Mar 2024) 5.0.28 (14 Feb 2024) Compatibility with PHP 8.3 and WP 6.4.3 5.0.27 (18 Oct 2023) 5.0.26 (28 Aug 2023) 5.0.25 (23 Aug 2023) 5.0.24 (03 July 2023) 5.0.23 (29 May 2023) 5.0.22 (16 May 2023) 5.0.20 (03 May 2023) 5.0.19 (23 Apr 2023) 5.0.18 (03 Mar 2023) 5.0.17 (19 Dec 2022) 5.0.16 (21 Oct 2022) 5.0.15 (06 Sept 2022) 5.0.14 (17 June 2022) 5.0.13 (03 May 2022) 5.0.12 (08 Mar 2022) 5.0.11 (22 Feb 2022) 5.0.10 (17 Feb 2022)