Whatever reason may be, in some cases people prefer to hide the fact that they are using WordPress as platform for their site.
WordPress is easily to love. It has many advantages like huge community, it’s powerful, flexible, free and you can create beautiful sites for all kind of businesses. It is not just blogging platform.
But with those advantages come security problems. Maybe you even don’t want others to know that your online business is based on WordPress.
WordPress is constantly updated and doesn’t have poor security but it is still vulnerable like any other platform.
Because of its popularity, it is target of constant attacks. WordPress sites are targeted more by hackers, bots and spammers which try to take advantage of new security bugs found in plugins, themes and WordPress itself.
This is very common for any popular software or product.
Sometimes people try hide the fact that they’re running WordPress because they’re afraid other people will see that and think they’re “unprofessional” or cheap.
Many say don’t even try to hide the fact your site is powered by WordPress as there are hundreds other ways to not only find out the fact that you’re using WordPress, but also find out the exact version number.
Regardless of any plugins or hacks changing or hiding the “generator” meta tag, the readme file and other precautions.
It is like in real life. If someone wants to do you harm, he will find the way.
If someone wants to hack your site, and he knows what he is doing, he will find a way. But for other wannabe hackers, or average people maybe it is not bad to hide some WordPress facts.
At least to stop some spammers or hide the fact your business is based on WordPress (you don’t have to be ashamed of WordPress. It is most used CMS platforms for websites around world).
By obscuring your WordPress installation, you protect your site from brute force and mass hacking attempts, where large numbers of URLs are scanned in search for WP installations to attack.
There are numerous plugins and services which can help in security of your WordPress site.
If security is really your goal, you should always be updating to the latest version themes, plugins and WordPress itself.
But here is plugin that can co-work with your already installed security plugins to make site bulletproof.
It is called Hide My WP. It works well as a general security plugin, and will hide the fact that you’re using WordPress by changing your permalinks without making changes to the actual locations of your files.
The objective of this plugin is to give your website an extra layer of security:
Hide My WP controls access to PHP files. It protects your site from SQL-Injection and XSS attacks caused by direct access to PHP files.
Hackers, spammers and bots with Hide My WP can’t recognize (or access to) WordPress.
Hide My WP doesn’t change any file or folder as everything stays in its default location.
After installing and activating Hide My WP plugin, you can start configuring. Go to Settings > Hide My WP. The first thing you’ll be asked to do is enter your purchase code.
Click the “Get it” link and copy and paste your purchase code to get things started.
It has few settings divided in “Start”,”General Settings” and “Permalinks and URLs” tab.
If you have Bulletproof security plugin activated on your site, you will get message: “You use BulletProof security plugin. To make it work correctly you need to configure Hide My WP manually. Click on “Manual Configuration” in Start tab. (If you did that ignore this message).”
It is nothing to be concern off. You will just need to manually add rules created by Hide My WP in .htacces using BulletProof. In Start tab section you can choose one of pre-made settings schemes or if you’ve used this plugin on another WordPress install, you’d can import or export settings. Other fields are self-explanatory.
Under the General Settings tab things start to get interesting. Here you can:
NOTE: If you tick option to use Spy Notify, email will be sent to site admin whenever someone visits 404 page (trying to find your admin or login.php). That can cause receiving many emails and thus filling up your inbox.
You can see just a little portion of emails which I started to receive. It is better to leave it unchecked.
General settings are for basic WordPress hiding. You can’t go wrong much when setting options here.
It will help hide some WordPress facts and stop brute force attacks as well as spammer registrations.
If that is enough for you then you can stop setting Hide My WP and save changes. If you want more, go to Permalinks and URLs tab.
Under the Permalinks and URLs tab you will be able to change different link structures and pathways. If you really want to hide the fact you are using WordPress, this is the part that needs to be done.
NOTE: Warning, settings here can mess up the site. All seen settings in images are just examples and don’t reflect my settings.
After finishing save your settings. If using BulletProof Security Plugin then be sure to manually add changes.
Swift Security is another WordPress plugin intended for removing traces that website/blog uses WordPress as its platform.
Hiding WordPress by obscuring a few permalinks and files can be a good security measure. But it’s not your only option, and it shouldn’t be the only action you take to protect your site.
There are some basic WordPress security tips you can easily follow to keep your site more safe from hackers, without hiding WordPress:
If your website’s already been hacked you may want to check guide by Nathan B. Weller to find out how to fix it – What to Do When Your WordPress Website Has Been Hacked.
Hide My WP is easy to install and to configure. All settings and options are nicely explained so you always know what are you doing and what option does what.
I’d say it’s a great investment. For anyone using WordPress to make money or run a business online, $23 for better security is a bargain.
I’d definitely recommend picking this plugin up if you’re looking to be as secure as possible or want to hide the fact of using WordPress no matter what.
Just know, Hide My WP will hide the fact you are using WordPress on your site. But there are many ways someone can still discover what is behind the hood by digging deeper.
Some settings could break site. I personally broke my CSS styles but after unticking option to change theme path everything was working again.
Also it might have conflicts with some plugins too. Author says it works great with any security plugin.
With more than 12,000 purchases and rating of 4.5/5 on Codecanyon this plugin is surely nice add-on to any WordPress site.
Plugin is actively supported and updated. Many new features have been added from the time this post was first written. For detailed info and what is new check sales page of Hide My WP on Codecanyon.
Now over to you. What steps do you take in order to protect your WordPress website? Let me know in comments below!
There are various reasons someone would like to hide the fact his site uses WordPress. Hide My WP will make possible to hide almost every trace that points to WordPress. For average users this will do the trick. But be noted, there are many ways someone can still discover WordPress on website.
Hello, my name is Matija but everybody calls me Kasa. I started this site to earn lots of money so that I never have to work again. Just lay down on a beach, drinking cocktails day after day while hot, beautiful chicks fight for my attention.Ok, now seriously. I love making websites, especially in WordPress. Hope reading content on this site you will find helpful tips, tutorials, comparisons, and product reviews for your business.
Notify me of followup comments via e-mail.You can also subscribe without commenting.
Current ye@r *
Leave this field empty
Add me to your weekly newsletter!
Send this to friend