Swift Security and Hide My WP are popular WordPress security plugins. Because WordPress is a well-known content management system, it makes sense for hackers to try to exploit vulnerabilities in the system.
Every year, thousands of WordPress websites are hacked. Reasons vary from vulnerable templates, plugins or easy passwords.
Why is it so when WordPress itself is a very secure platform?
- 41% of sites are hacked via their hosting provider. This means hackers exploited the vulnerability or took advantage of insecure hosting provider configuration to be able to hack into the WordPress blogs and websites.
- 29% of sites are hacked via a vulnerability in the WordPress theme. This means a hacker identified a vulnerability in a theme that was installed.
- 22% of sites are hacked via a vulnerability in a plugin that was installed on WordPress website/blog.
- 8% of sites are hacked because account on that WordPress installation is using a weak password.
Once a hacker gains access to a WordPress blog or website, he/she mostly makes following changes to hide the traces and retain access to the WordPress installation:
- Create a new account with admin privileges
- Reset a password to ensure other users cannot regain access
- Change the role of an existing account
- Modify the content to inject it with malicious code
- Tamper WordPress source code
- Make redirects in htaccess files
Hacking a WordPress is very easy, but so is securing it. There are various plugins available, free and paid, to secure your WordPress website. Most popular are WordFence Security, BulletProof Security, and iThemes Security.
But what if you could completely hide the fact you are using WordPress on your site/blog for even more protection?
If you have the budget and if your WordPress is the hub of your business, it is recommended to further beef up the security of your WordPress to ensure you are also protected from targeted attacks.
Most popular plugins oriented in hiding WordPress are Hide My WP and recently new, Swift Security. I have already written about Hide My WP, so if you are interested check previous posts:
2. Stop Spam Registrations with Hide My WP WordPress Plugin
Swift Security Review- Hide WordPress
Swift Security Bundle is comprehensive security plugin for your WordPress websites. Thanks to the simple plugin options, you can make your website more secure without requiring any technical knowledge.
The plugin allows you to hide all traces of WordPress from your website. It is also possible to change any string you want in the source code.
This makes it harder for attackers to find out which CMS you are using. There is also a pre-configured firewall, which will be useful in preventing malicious attacks and blocking suspicious traffic. Swift Security plugin puts a bulletproof vest over your website.
Swift Security Bundle plugin has three modules. Those modules can also be purchased separately but to get most of this plugin it is better to get it as a bundle.
1. HIDE WORDPRESS MODULE – you can hide the fact that your website uses WordPress.
The Hide WordPress module will not change the original file structure. It will only hide it. From a security perspective, this is very useful. Malicious users can exploit known plugin or theme vulnerabilities to hack your WordPress website.
In the Hide WordPress menu, you can rename your original file path. For example you can rename your wp-content/uploads/ directory or your wp-admin directory. By default, the module blocks the direct PHP script access.
2. FIREWALL MODULE – you can prevent most common attack attempts such as SQL injection, XSS, File path manipulation and malicious file uploads.
Prevent the common attack attempts like:
–SQL injection – In the case of vulnerable plugins or themes, you can prevent attackers to exploit eventual SQL injection security vulnerabilities.
–Cross-site scripting (XSS) – Prevent attackers to exploit possible XSS injection security vulnerabilities.
–File path manipulation – Prevent attackers to exploit eventual file path errors
–Malicious file uploads – With the Firewall File upload filter you can prevent an attacker from uploading executable, malicious scripts.
You can quickly set the security level of the Firewall with the help of the slider, and if you are an advanced user, you can provide custom settings under the Advanced settings tab.
–IP/Geo filters – Set filters based on IP addresses or specific countries. For example, you can set a filter so that the WP admin can only be accessed from the USA. Also, you can block visits from specific countries.
—Push notifications – With the help of pushover.net you can get real-time updates about actions related to your website.
–Anti-Brute force – With the anti-brute force feature you can protect the site from different brute-force attacks.
–Comment spam blocker – The built-in comment spam blocker.
3. CODE SCANNER MODULE – You can scan all files and find all previously uploaded malicious files before the installation of the plugin.
Code Scanner can be run automatically at specified time intervals. If an attacker succeeds in uploading a malicious code to your server, code scanner will automatically quarantine it. Also, you will receive a report with the results of the scan.
Besides these, the Code Scanner checks the security of certain basic settings and provides useful advice should it find any problems. It may happen that the Code Scanner gives a false positive alert for a legit file.
Swift Security Bundle Features
With the help of pushover.net you can get real-time updates about actions related to your website. Such as successful login, unsuccessful login, hacking attempts, and receive scan reports from the pre-scheduled Code Scanner.
The plugin hides your WordPress and important features such as meta tags, original file structure, login ids, admin URL, etc.
Swift Security plugin comes with a built-in firewall that filters and blocks malicious requests and even sends an email notification to you about the issue. You can setup a login IP filter so that nobody can break into your account even if a malicious user steals your password.
You can rename any file and also rename the original readme without having to modify it physically.
The plugin lets you run scheduled code scans on your website, find vulnerabilities in your plugins and systems. You also have the freedom to schedule scans at different time intervals.
Swift Security will automatically quarantine files that are suspicious and send an email report about it.
Swift Security FAQ
Q: Will everything return to normal when Hide My WordPress module is deactivated?
A: Yes. Swift Security does not rename directories and files, it only masks them, so if you disable the module or the plugin, everything will return to its original state.
Q: Is Swift Security compatible with other security plugins?
A: Swift Security is compatible with most security plugins. Conflicts may occur when both plugins rename the admin URL, or two firewalls are activated at once.
Q: Is plugin compatible with cache plugins?
A: Yes. Clear the cache after activation or modifications.
Q: Is it compatible with other minifying plugins?
A: Yes. Swift Security offers its own solution for minifying, so it is best not to use other minifying plugins.
Q: Is it compatible with multisite?
A: No, the current version is not compatible with multisite.
Q: Does the plugin influence on the speed of the website?
A: No, the plugin does not affect the speed of website/blog.
Q: Does it affect SEO?
A: You won’t have any SEO problems if you’re not going to change the content URLs (post, tag, category, author, feed).
Swift Security vs Hide My WP Comparison
When comparing Swift Security vs Hide My WP from a price standpoint, we can see that Swift Security is far pricier. Almost double in price.
Hide My WP is also way more popular with more than 20,000 sold copies compared to Swift Security Bundle which has more than 1,000 copies sold.
One of the important aspects are updates. From what I can see both plugins get only a few updates per year (2-3). Currently, it seems Hide My WP is updated more often.
Checking security features, it seems both plugins have most important features included. I am no expert on security so can’t really tell which has better security settings in detail.
I have tested both plugins, and I did experience breaks of the site with both. Nothing serious and nothing that few tweaks couldn’t solve.
If you must chose, I would pick Hide My WP just because of affordable price and bigger community which will ensure that plugin will be updated when needed and it will be easier to solve issues as many probably already encountered what you are facing.
- Swift Security
- Free Version
- Export/Import Options
- Trusted User Roles
- Hide Login Page
- Hide Admin
- Spy Notify
- Remove Meta
- Remove Version
- Hide Other Files
- Compress Page
- Hide PHP Files
- Replace in HTML
- Replace URLs
- Change Theme Paths
- Change Plugin Paths
- Change WordPress queries
- Change upload URL, wp-includes folder, AJAX URL
- Disable WordPress archives, categories, tags, pages, posts, etc
- Anti-Brute Force
- Multisite Compatibility
- Compatibility With Cache Plugins
- Login IP Filter
- Scheduled Code Scans
- Automatically Quarantines Files
- WooCommerce Compatibility
- Child Themes Support
- Nginx Support
- Hide My WP
NOTE: Information stated in comparison table may be outdated. Plugins get new features and settings, and some options get removed. Please check official page or contact plugin support to get most accurate info.
Hide My WP vs Swift Security – Which is Better?
Swift Security is a fairly new plugin with an initial release in January 2015 while Hide My WP was released in 2013 and had more time to polish its features and to get a customer base.
There was a free version of Swift Security available on WordPress repository, but it was removed after some time. Swift Security plugin and Hide My WP are handy and combine many options that are managed individually by many other free or commercial products.
It allows you to reduce the number of active plugins significantly. The customization possibilities are very high and potentially can offer an enviable bulwark for every user.
Both plugins offer many critical security features that users need to secure their Word Press. Best of all, essential features are one click activation.
Which is better from those two? Well, I would say that both do the job excellent. It is up to you to decide based on features you need, and plugins provide.
Have you used Swift Security or Hide My WP? Do you think there are a worthy investment? Let me know in comments below!