WordPress is well-known content management system (CMS). More than 23% of the top 10 million websites on the internet use it. Because of that popularity, WordPress has become a common target for hackers.
Every year, thousands of WordPress websites are hacked. Reasons vary from vulnerable templates, plugins or easy passwords.
Why is it so when WordPress itself is a very secure platform?
Once a hacker gains access to a WordPress blog or website, he/she mostly makes following changes to hide the traces and retain access to the WordPress installation:
Hacking a WordPress is very easy, but so is securing it.
There are various plugins available, free and paid, to secure your WordPress website. Most popular are WordFence Security, BulletProof Security and iThemes Security.
But what if you could completely hide the fact you are using WordPress on your site/blog for even more protection?
If you have the budget and if your WordPress is the hub of your business, it is recommended to further beef up the security of your WordPress to ensure you are also protected from targeted attacks.
Most popular plugins oriented in hiding WordPress are Hide My WP and recently new, Swift Security.
I have already wrote about Hide My WP so I will not repeat myself. If you are interested check previous posts:
1. How To Hide The Fact That Your Website Runs On WordPress
2. Stop Spam Registrations with Hide My WP WordPress Plugin
With the Swift Security plugin you can make your WordPress website more secure. A great advantage of the plugin is that you don’t need any special technical knowledge.
Swift Security WordPress Plugin
It has 3 modules:
1. Hide WordPress module – you can hide the fact that your website uses WordPress. The Hide WordPress module will not change the original file structure, it will only hide it.
From a security perspective this is very useful. Malicious users can exploit known plugin or theme vulnerabilities to hack your WordPress website.
In the Hide WordPress menu you can rename your original file path. For example: you can rename your wp-content/uploads/ directory or your wp-admin directory.
By default, the module blocks the direct PHP script access.
Swift Security WordPress Plugin Dashboard
Swift Security Plugin General Settings
2. Firewall module – you can prevent most common attack attempts such as SQL injection, XSS, File path manipulation and malicious file uploads.
Prevent the common attack attempts:
SQL injection – In case of vulnerable plugins or themes you can prevent attackers to exploit eventual SQL injection security vulnerabilities.
Cross-site scripting (XSS) – Prevent attackers to exploit eventual XSS injection security vulnerabilities.
File path manipulation – Prevent attackers to exploit eventual file path errors
Malicious file uploads – With the Firewall File upload filter you can prevent an attacker from uploading executable, malicious scripts.
You can easily set the security level of the Firewall with the help of the slider, and if you are an advanced user, you can provide custom settings under the Advanced settings tab.
IP/Geo Filters – Set filters based on IP addresses or specific countries. For example you can set a filter so that the WP admin can only be accessed from the USA. Also, you can block visits from specific countries.
Push notifications – With the help of pushover.net you can get real-time updates about actions related to your website.
Anti-Brute Force – With the anti-brute force feature you can protect site from different brute-force attacks.
Comment spam blocker – The built-in comment spam blocker.
Hide WordPress Module Swift Security
Swift Security Firewall Module
3. Code Scanner module – you can scan all files and find all previously uploaded malicious files before the installation of the plugin.
Code Scanner can be run automatically at certain time intervals. If an attacker succeeds in uploading a malicious code to your server, code scanner will automatically quarantine it.
Also, you will receive a report with the results of the scan.
Besides these, the Code Scanner checks the security of certain basic settings and provides useful advice should it find any problems.
Certainly, it may happen that the Code Scanner gives a false positive alert for a legit file.
1.With the help of pushover.net you can get real-time updates about actions related to your website.
Such as successful login, unsuccessful login, hacking attempts, and receive scan reports from the pre-scheduled Code Scanner.
2.The plugin hides your WordPress and important features such as meta tags, original file structure, login ids, admin url etc.
3.The plugin comes with a built-in firewall that filters and blocks malicious requests and even sends an email notification to you about the issue.
4.You can setup a login IP filter so that nobody can break into your account even if a malicious user steals your password.
5.You can rename any file and also rename the original readme. HTML without having to physically modify it.
6.The plugin lets you run scheduled code scans on your website, find vulnerabilities in your plugins and systems. You also have the freedom to schedule scans at different time intervals.
7.The plugin automatically quarantines files that are suspicious and sends an email report about it.
Yes. Swift Security does not rename directories and files, it only masks them, so if you deactivate the module or the plugin, everything will return to its original state.
Swift Security is compatible with most security plugins. Conflicts may occur when both plugins rename the admin URL or two firewalls are activated at once.
Yes. Clear the cache after activation or modifications.
Yes. Swift Security offers its own solution for minifying, so it is best not to use other minifying plugins.
No, the current version is not compatible with multisites.
No, the plugin does not affect the speed of website/blog.
You won’t have any SEO problems if you’re not going to change the content URLs (post, tag, category, author, feed).
Swift Security – Hide WordPress, Firewall, Code Scanner is priced $26 on Codecanyon. It is fairly new plugin with initial release in January 2015.
It has already sold in more than 200 copies with average rating of 4.7/5.
Free version of plugin is also available on WordPress repository. Lite version is very limited in settings and features.
This plugin is really useful and combines many options that are managed individually by many other free or commercial products. It allows you to significantly reduce the number of active plugins.
The customization possibilities are very high and potentially can offer an enviable bulwark for every user.
This plugin offers many critical security features that users need to secure their Word Press, best of all it is a one click set up for the basic features.
The Updated GEO block allows you to prevent certain countries from viewing your website, this is priceless and allows you to control your content much better.
Which is better from those two? Well, I would say that both do the job very good. It is up to you to decide based on features you need and plugins provide.
Have you used Swift Security or Hide My WP? Do you think there are worthy investment?
Let me know in comments below!
Hello, my name is Matija but everybody calls me Kasa. I started this site to earn lots of money so that I never have to work again. Just lay down on a beach, drinking cocktails day after day while hot, beautiful chicks fight for my attention.Ok, now seriously. I love making websites, especially in WordPress. Hope reading content on this site you will find helpful tips, tutorials, comparisons, and product reviews for your business.
This was a very useful post. I liked the fact that you took the time to compare and contrast both plugins. I’m still on the fence about which one to use, considering I’ve read a few negative reviews on Hide my WP. And plus many people complain about the support which is a big issue when it comes to purchasing a plugin. At the end of the day, one or the other is a must for the type of site I’m building.
I am pleased to read when someone appreciates work and time put into post and creating comparison.
Yes, support is very important. I think you cant go wrong no matter which plugin from those two you pick.
I just wanted to thank you for this well written post. I appreciate the thorough review of both plugins as I research the best choice for my website. I believe I will be using the Swift plugin.
Glad you found post valuable. Yes, you cant go wrong with Swift.
Very helpful review. I have triad both but I choose Hide My WP. It’s more compatible with premium themes and plugins.
HMWP IDS is also an advanced kind of firewall which you do not consider it!
Thanks for your input and informations.
It looks like hide my wp failed :/
I didnt notice it,
Thanks for letting me know Senela. I dont know the reason for that nor will it come back to Codecanyon. It seems Swift Security doesnt have any competition for now.
Thanks for your great article. For those who search a bit more, see the WP Hide & Security Enhancer https://wordpress.org/plugins/wp-hide-security-enhancer/ This one completely hide old login urls, all other solutions appear to redirect to a 404 error page which indicate the initial url existence.
Thank you for your input Dean.
nice post but swift-security-lite is´nt available anymore ?
It seems so. You can still find version on GithUB.
Current ye@r *
Leave this field empty
Add me to your weekly newsletter!
Send this to a friend