Linux 软件免费装

在这里免费安装WordPress以及其他软件

Banner图

WP Ghost (Hide My WP Ghost) - Security & Firewall

开发者 johndarrel
更新时间 2025年1月28日 21:45
PHP版本: 7.0 及以上
WordPress版本: 6.7
版权: GPLv2 or later
版权网址: 版权信息

标签

security login hide firewall wp admin

下载

4.0.11 5.2.02 1.1.008 1.1.013 1.1.021 1.1.023 1.1.033 2.0.05 2.0.12 3.1.00 3.1.02 3.2.01 3.3.00 3.3.03 3.4.00 3.5.00 3.5.01 5.0.20 4.1.03 4.0.09 5.0.27 5.0.02 4.0.08 5.0.01 2.0.16 4.1.08 4.1.09 5.1.01 4.1.07 4.1.10 5.0.23 5.0.12 5.0.14 5.0.13 5.0.17 5.2.04 4.1.06 5.0.10 4.1.02 5.0.11 5.0.15 5.0.18 5.0.22 5.0.16 4.1.05 4.0.10 5.2.03 5.1.03 5.2.01 5.3.01 5.3.00 5.4.01 4.1.11 5.0.26 5.0.28 5.0.29 5.3.02 5.1.02

详情介绍:

Level up your WordPress security with WP Ghost plugin! WP Ghost (short for Hide My WP Ghost) is a comprehensive hack-prevention security solution for WordPress websites. It adds multiple layers of security to block hacker bots and prevent unauthorized access. It works by changing and hiding common vulnerabilities, making it difficult for bots and hackers to exploit weak points in plugins, themes, and the WordPress core itself. Join over 200,000 secured websites with WP Ghost. The plugin has blocked over 9 million brute force attempts and stopped over 140,000 monthly hacks. Key features include powerful protection against:
  • Brute Force Attacks
  • SQL Injection Attacks
  • Script Injection Attacks
  • Vulnerability Exploit
  • Malware Injection
  • XML-RPC attacks
  • File Inclusion Exploits
  • Directory Traversal Attacks
  • Default WP Paths Exploits
  • Cross-Site Scripting (XSS)
  • Throttling of Access Attempts to Entry Points
  • and more Protect your site today! WP Ghost hides and secures all common paths, plugins and themes from hacker bots and spammers.
[youtube https://youtu.be/QMdoSN8dk1c] YouTube - Why You Must Have Hide My WP WP Ghost is packed with over 50 security free features:
Change and Hide Paths:
  • Hide WordPress wp-admin, and show 404 error or a custom page
  • Hide WordPress wp-login.php, and show 404 error or a custom page
  • Change the wp-admin and wp-login URLs
  • Change lost password URL
  • Change register URL
  • Change logout URL
  • Change activation URL
  • Change admin-ajax URL
  • Change wp-content URL
  • Change wp-includes URL
  • Change uploads URL
  • Change comments URL
  • Change author URL
  • Change plugins URL
  • Change plugins name
  • Change themes URL
  • Change themes name
  • Custom themes style.css name
  • Change REST API wp-json URL
  • Change category URL
  • Change tags URL
  • Custom login redirects based on user role
  • Custom logout redirects based on user role
  • Change URLs from Relative to Absolute
  • Change URLs in Ajax calls
  • Change URLs for Logged Users
  • Change URLs in Cache Files
  • Change paths in Sitemap.xml
  • Change paths in Robots.txt
Firewall:
  • Two-factor Authentication By Code (2FA)
  • Two-factor Authentication By Email (2FA)
  • Security Headers against XSS & Code Injections
  • Security Header Strict-Transport-Security
  • Security Header Content-Security-Policy
  • Security Header X-XSS-Protection
  • Security Header X-Content-Type-Options
  • Security Header X-Frame-Options
  • Firewall against Script Injections and SQL Injection
  • 7G Firewall Security Filter
  • 8G Firewall Security Filter
  • Block by IP Addresses
  • Block by User Agents
  • Block by Referrers
  • Block by Hostnames
  • Hide Website from Theme Detectors
Hide Options:
  • Hide /wp-admin path
  • Hide /wp-login path
  • Hide /login path
  • Hide REST API wp-json path
  • Hide Admin Toolbar based on user role
  • Hide style IDs and META IDs
  • Hide WordPress HTML comments
  • Hide Version and WordPress Tags
  • Hide DNS Prefetch WordPress link
  • Hide WordPress Generator Meta
  • Hide RSD (Really Simple Directory) header
  • Hide Emoticons if you don't use them
Disable Options:
  • Disable REST API access
  • 禁用 XML-RPC 访问
  • 禁用嵌入脚本
  • Disable DB-Debug in Frontend
  • 禁用 WLW Manifest 脚本
  • Disable Select All - Ctrl+A (Windows and Linux), ⌘+A (macOS)
  • Disable Copy - Ctrl+C (Windows and Linux), ⌘+C (macOS)
  • Disable Cut - Ctrl+X (Windows and Linux), ⌘+X (macOS)
  • Disable Paste - Ctrl+V (Windows and Linux), ⌘+V (macOS)
  • Disable Save - Ctrl+S (Windows and Linux), ⌘+S (macOS)
  • Disable Inspect Element/Developer Tool - Ctrl+Shift+I (Windows and Linux), ⌘+⌥+I (macOS)
  • Disable View Source - Ctrl+U (Windows and Linux), ⌘+U (macOS)
  • Disable Right Click
  • Disable Drag-Drop
  • Disable Image Dragging by Mouse
  • Disable Text Selection
  • Disable Directory Browsing
Mapping Text and URLs:
  • Change URLs using URL Mapping
  • 更改使用文本映射的类
  • Change CDN URLs using CDN Mapping
  • Change paths in the cache files
  • Change paths in the Feed link
  • Change paths in the Sitemap XML
  • Change paths in the Robots.txt
Brute Force Protection:
  • Brute Force Protection with Math reCaptcha
  • Brute Force Protection with Google reCaptcha V2
  • Brute Force Protection with Google reCaptcha V3
  • Brute Force Protection on Login
  • Brute Force Protection on Password Lost
  • Brute Force Protection on Signup
  • Brute Force Protection on Comment
  • Brute Force Protection on Woocommerce Login
  • Brute Force Protection shortcode [hmwp_bruteforce]
  • Custom attempts, timeout, message
  • Manage Blacklist and Whitelist IPs
Extra Features:
  • Magic Link Login Without Password
  • Temporary Logins Without Password
  • Fix relative URLs
  • Backup and Restore settings
  • Change classes on source code using Text Mapping
  • Change URLs on source code using URL Mapping
  • Cache CSS, JS, and Images to optimize the loading speed
  • Weekly security checks and reports
Integrations:
  • Support for WP Multisite
  • Support for Nginx
  • Support for IIS
  • Support for LiteSpeed
  • Support for Apache
  • Support for Siteground
  • Support for WP Engine
  • Support for AWS Hosting
  • Support for Inmotion Hosting
  • Support for Hostgator Hosting
  • Support for Godaddy Hosting
  • Support for Host1plus
  • Support for Payperhost
  • Support for Fastcomet
  • Support for Dreamhost
  • Support for Bitnami Apache
  • Support for Bitnami Nginx
  • Support for Google Cloud Hosting
  • Support for Litespeed Hosting
  • Support for Flywheels Local
  • Support for Flywheels Hosting
  • Support for Ploi Hosting
  • Support for Namecheap Hosting
  • Support for RunCloud Hosting
  • Support for WPEngine Hosting
  • Support for CloudPanel Hosting
  • Recommended by Wp Rocket
  • Recommended by WPML
Premium Security Features (over 70):
  • WordPress Hardening
  • Hide WordPress Common Paths by Extension
  • Hide WordPress Files like wp-config.php, wp-config-sample.php, wp-load.php, wp-settings.php, wp-blog-header.php, readme.html, readme.txt, install.php, license.txt, php.ini, hidemywp.conf, bb-config.php, error_log, debug.log
  • Events/Actions Monitoring (Cloud Backup)
  • Brute Force Monitoring (Cloud Backup)
  • Geo Security
  • Country Blocking
  • Vulnerability Management
  • Files Permission Fix
  • Database Prefix Change
  • SALT Keys Change
  • Premium Support
  • and more Hide My WP Premium Feature
Compatible server types: WP Multisite, Apache, Litespeed, Nginx and Windows IIS. Hosting Compatibility checked: WP Engine, Inmotion Hosting, Hostgator Hosting, Godaddy Hosting, Host1plus, Payperhost, Fastcomet, Dreamhost, Bitnami Apache, Bitnami Nginx, Google Cloud Hosting, Amazon AWS Lightsail, Litespeed Hosting, Flywheels Hosting, Kinsta Hosting, Ploi.io, CloudPanel, RunCloud Plugins Compatibility updates: Woocommerce, WPML, WPMUDEV, W3 Total Cache, Gravity, WP Super Cache, WP Fastest Cache, Hummingbird Cache, Cachify Cache, Litespeed Cache, SiteGround Optimizer, Nitropack, Cache Enabler, CDN Enabler, WOT Cache, Autoptimize, Jetpack by WordPress, Contact Form 7, bbPress, Manage WP, All In One SEO, Rank Math, Yoast SEO, Squirrly SEO, WP-Rocket, Minify HTML, Solid Security, Sucuri Security, Really Simple SSL, WordFence Security, WP Cerber Security, BBQ Firewall, Anti-Malware Security, Back-Up WordPress, Elementor Page Builder, Divi Builder, Weglot Translate, AddToAny Share Btn, Limit Login Attempts Reloaded, Loginizer, Shield Security, Asset CleanUp, WP Hide & Security Enhancer, and more Compatibility Plugins List: Hide My WP Compatibility Plugins Compatibility Theme List: Hide My WP Compatibility Themes WP Ghost changes and hides WP common paths, admin & login paths, plugin paths, and theme paths, protecting your site from hacker bots. Note! No files or directories are physically altered. All changes are implemented through server rewrite rules, ensuring no impact on SEO or loading speed. The plugin works with other security plugins and adds a layer of security to your WordPress website against hacker bots.
Check the Demo Website source code: https://demo.wpghost.com/ (the elementor is changed in files and classes) Check the Redirected URLs in Demo Website (all are redirected to Front Page): https://demo.wpghost.com/wp-admin https://demo.wpghost.com/wp-login Check the Hidden Common Paths in Demo Website (all show 404 Page Not Found): https://demo.wpghost.com/wp-content https://demo.wpghost.com/wp-content/plugins https://demo.wpghost.com/wp-content/themes
Over 90,000 hacking attacks per minute strike WordPress sites and WordPress hosting around the world, hitting not only large corporate websites packed with sensitive data, but also sites belonging to small businesses, independent entrepreneurs, and individuals running personal blogs. Security of WordPress sites typically tops the list of concerns for new and experienced website owners alike. For owners of WordPress sites, statistics like that one raises particular worries about the security not just of individual WordPress sites, but of WordPress itself. Is your website secure? Check your website with Free Website Security Check Protect your WordPress website by hiding the authentication paths like wp-admin, wp-login.php, login, wp-signup.php, and change the common WordPress paths like wp-content, wp-includes, uploads, and more. Being able to protect the common paths is critical because you get to keep hacker bots away from sensitive website data. This is crucial, and it will provide you with a great experience and perfect results in the long term. It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well. If you don't protect yourself, you will end up having a hacked website sooner or later. This is a free version of the plugin, so you can use it for all your websites without any restrictions. Secure your website in just minutes with the WP Ghost plugin. Protect your WordPress site against hacker bots and spammers! Please support us and translate the plugin in your language: https://translate.wordpress.org/projects/wp-plugins/hide-my-wp Thank you all for your trust, support, and positive reviews! Important! This is not the Hide My WP Nulled version of the Hide My WP Codecanyon plugin. Ready To Protect Your Website From Hackers With The Most USER-FRIENDLY WordPress Security Plugin?

安装:

Manually install the WP Ghost Lite plugin: Step 1. Log In as an Administrator on your WordPress dashboard. Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab. Step 3. Click on the Upload Plugin button from the top of the page. Step 4. Click to browse and upload the hide-my-wp.zip file. Step 5. After the upload, click the Activate Plugin button to activate the plugin. Step 6. From the plugins list, click on the Settings link to go to plugin’s settings. Step 7. Connect the plugin using your email address to get an instant free access token. Step 8. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/ Enjoy! Install the WP Ghost Lite directly from the WordPress directory: Step 1. Log In as an Administrator on your WordPress dashboard. Step 2. In the WordPress menu, go to Plugins > Add New Plugin tab. Step 3. Search for 'WP Ghost'. Step 4. After the plugin is shown, lick the Activate Plugin button to activate the plugin. Step 5. From the plugins list, click on the Settings link to go to plugin’s settings. Step 6. Connect the plugin using your email address to get an instant free access token. Step 7. Follow the setup guide from: https://wpghost.com/kb/install-wp-ghost-plugin/ Enjoy! [youtube https://youtu.be/zhvRGHMjKic]
WP Ghost Knowledge Base:

屏幕截图:

  • Hide My WP > Change Paths > Admin Security
  • Hide My WP > Change Paths > Login Security
  • Hide My WP > Change Paths > Core Security
  • Hide My WP > Change Paths > API Security
  • Hide My WP > Firewall > 8G Firewall
  • Hide My WP > Brute Force > reCaptcha Protection
  • Hide My WP > Two Factor > 2FA Login
  • Hide My WP > Mapping > Text Mapping
  • Hide My WP > Mapping > URL Mapping
  • Hide My WP > Tweaks > Hide Options
  • Hide My WP > Tweaks > Redirect Options
  • Hide My WP > Temporary Login > Logins
  • New Login Path /newlogin
  • Old Login Path shows 404 Error /wp-login.php
  • Old Admin Path shows 404 Error /wp-admin
  • New custom core paths changed with Hide My WP Ghost

常见问题:

Does this plugin work on WP Multisite?

Yes, the plugin works on WP Multisite and you will configure it for the entire network. The plugin also works with Apache, Nginx, IIS, and LiteSpeed servers

Is WP Ghost working on Nginx Server?

Yes, the plugin works on Nginx Server and you will be guided for the redirects and nginx.conf settings. The plugin also works with Apache, IIS, and LiteSpeed servers

My website theme is not loading correctly after I change the paths. What should I do?

This issue is most likely from setting the rewritten rules.

  1. Make sure you purge the cache if you have cache plugins after you save the WP Ghost settings.
  2. In case the .htaccess (for apache) or nginx.conf (for Nginx) or web. config (for IIS) is not writable you need to add the rewrites manually.
  3. If you have Nginx server make sure you reload the Nginx after you save the settings.
  4. If the theme is still not loading okay, contact us and we can set up the plugin for you for free.
You can find useful information here: https://wpghost.com/kb/

I forgot the custom login and admin URLs. What now?

Don't panic. You can still access your site with the Safe URL that was downloaded when you saved the settings

Locked out of my site! I set the plugin, and after I logged out I couldn't get back in

Rename the plugin directory /wp-content/plugins/hide-my-wp so that the plugins won't hide the wp-login.php path anymore Login using http://domainname/wp-login.php and activate the plugin again. Make sure you remember the secure parameter and it will be much easier.

Does WP Ghost work for the WordPress.com website?

Because of the Jetpack security in the WordPress.com website, WP Ghost can't change the admin and login paths. If you already activated Hide My Wp on WordPress.com, remove the directory /wp-content/plugins/hide-my-wp to disable the plugin.

Will this plugin work if I don't have custom permalinks on my site?

No. You need to have custom permalinks set to 'on' in Settings > Permalinks. You will get a notification on the Settings page if something is not set upright.

What do I need to do before I deactivate the plugin?

It's better to switch to Default Mode in Settings > Hide My WP. If you don't, the plugin will automatically change your site back to the safe URLs and it will tell you what to do if you don't have write permission for the config files

Is this Plugin free of charge?

Yes. The Lite features of the WP Ghost plugin will always be free. We will include all the required WordPress Security updates. To unlock all the features, please visit: WP Ghost - Pricing Plan

How to set the plugin on the Nginx server?

Please follow this tutorial step by step to set up the WP Ghost for Nginx server: Setup WP Ghost on Nginx Server Configure WP Ghost On Nginx Web Server With Virtual Private Server Install WP Ghost on Kinsta Server Install WP Ghost on RunCloud Server Install WP Ghost on WPMUDEV Server Install WP Ghost on Ploi.io Server Install WP Ghost on Flywheel Server Install WP Ghost on Amazon AWS Lightsail Server

How to Hide Your Site From WordPress Theme Detectors?

Changing the common WordPress paths will not guarantee that the WordPress CMS is completely hidden. The old paths are still accessible and hackers are still able to inject SQL and Javascript into vulnerable installed plugins and themes. Read more: How to Hide Your Site From WordPress Theme Detectors

Is this plugin enough to protect my website from all hackers?

The Free version of WP Ghost will not protect you from all hacker attacks. For extra security you need the premium version. WP Ghost hides all the common paths and patterns used but bots to detect that you are using WordPress.

How Can I Change The WP Paths In Admin Dashboard?

By default, WP Ghost changes the paths only in frontend. We don’t recommend this but if you want to change the path also in the admin dashboard, add this line in wp-config.php file define('HMW_ALWAYS_CHANGE_PATHS', true); Save the settings in WP Ghost and the WordPress paths will be changed in admin backend area.

Why The New Admin Path Is Redirected To Front Page?

By default, when you set WP Ghost plugin in Lite Mode, you can login only with the new login path. To activate the option to access the new admin path and to be redirected to the new login path, do this: Switch OFF the option WP Ghost > Change Paths > Admin Security > Hide the New Admin Path Once you switch off the option and save the settings, when you access the new admin path, it will redirect to the new login path. Customize Paths in WP Ghost

更新日志:

5.4.01 (06 Ian 2025) 5.3.02 (08 Nov 2024) 5.3.01 (07 Oct 2024) 5.3.00 (20 Sept 2024) 5.2.04 (07 July 2024) 5.2.03 (04 July 2024) 5.2.02 (19 June 2024) 5.2.01 (04 June 2024) 5.1.03 (20 May 2024) 5.1.02 (30 Apr 2024) 5.1.01 (10 Apr 2024) 5.0.29 (19 Mar 2024) 5.0.28 (14 Feb 2024) Compatibility with PHP 8.3 and WP 6.4.3 5.0.27 (18 Oct 2023) 5.0.26 (28 Aug 2023) 5.0.25 (23 Aug 2023) 5.0.24 (03 July 2023) 5.0.23 (29 May 2023) 5.0.22 (16 May 2023) 5.0.20 (03 May 2023) 5.0.19 (23 Apr 2023) 5.0.18 (03 Mar 2023) 5.0.17 (19 Dec 2022) 5.0.16 (21 Oct 2022) 5.0.15 (06 Sept 2022) 5.0.14 (17 June 2022) 5.0.13 (03 May 2022) 5.0.12 (08 Mar 2022) 5.0.11 (22 Feb 2022) 5.0.10 (17 Feb 2022)