Articles

Article updates

Plugin Usage

Last updated: January 29, 2022 No Comments

This Plugin provides many options to secure and hide your WordPress website. It is important to understand what each option does, so the results should be checked on front side to ensure no incompatibility / conflict is taking place. Be aware that not every option may be necessarily to be used as certain functionalities may not be available in specific themes and certain plugins. For detailed explanations upon all see Plugin Options Explained

The plugin menu is structured into three main sections:

  • Rewrite
  • General / Html
  • Admin

Rewrite

This section includes functions to control almost everything related to URL’s. Parent Theme / Child Theme, Individual Plugins,  Default WordPress folders structure, Uploads, XML-RPC, JSON REST, all default url’s can be changed to something else, disguising the WordPress identity which actually is very easy to be identified without the application of this plugin. This plugin makes structure reading and identification through html code almost impossible as it simply does not match anymore with anything commonly used.  The majority of WordPress identifying / theme detectors will fail to find anything regarding WordPress, not being able to see the CMS of a site at all.

General / Html

Html structure output can be maintained from this section area. Different tags replacements or removals are controlled through these options. Meta tags like WordPress generator,  wlwmanifest, feed_links, adjacent post links, canonical links, emoji, oembed, headers, Html classes and Id’s cleanup etc.  At this point, taking advanced of those settings, WordPress becomes virtually impossible to be detected. Even for large sites with complex structure and functionality, detection of WordPress fails since no tracks of it are being found anymore.

Admin

This section includes two powerful options, a default WordPress wp-login.php and admin slug change.  This is the place through which the login/admin aspects of your site can be managed. Default urls can be set as default theme 404 errors (Not Found type) so it will not give any hint on a potential WordPress instalment. End-user is being shown a default 404 error page, suggesting that the link does not exist at all.  Changing default login / admin slugs brings huge improvement over site security. One of the most important things is to eliminate the brute force login attempt which is pretty common for almost all sites. Hackers/hack boots always search WordPress sites and try to guess and jump into them by exploiting weak logins. Since the default login / admin link is not available anymore, they will not know where to try.  Besides the security aspect, the overall site speed also increases. Just imagine a hack boot trying out thousands of logins attempts in an hour, dramatically reducing the server processing power, thus translating in a much slower page load response for regular users.

Installation

Last updated: January 27, 2022 No Comments

Install the free WP Hide & Security Enhancer

Plugin can be found within WordPress Repository at https://wordpress.org/plugins/wp-hide-security-enhancer/ meaning it can be installed within any WordPress site through admin Plugins menu.

Click on Add New sub-menu item then search for WP Hide & Security Enhancer plugin. Click Install and then Activate.

Once the plugin active, a new menu WP Hide can be found on admin.

 
 

Install the commercial WP Hide & Security Enhancer PRO

Automatic Installation

The code can be deployed just like any other plugin. Under WordPress Plugins follow the next steps:

  1. Log in to your WordPress site admin.
  2. Go to Plugins –> Add New.

  1. Choose the Upload option (near the top of the page).
  2. Click browse and select the zip file.
  3. Once you’ve selected the file click Install Now.
  4. Once the plugin is uploaded and installed choose Activate Plugin.

If the plugin is deployed under a WordPress MultiSite environment, the activation is available through the Network Plugins area.

 

Manual Plugin Installation

There are a few cases when manually installing a WordPress Plugin is appropriate.

  • If you wish to control the placement and process of installing a WordPress Plugin.
  • If your server does not permit automatic installation of a WordPress Plugin.
  • The WordPress Plugin is not in the official WordPress Plugin Directory.

To manually install the plugin follow the next steps:

  1. Download the plugin archive to your computer.
  2. Extract the Plugin files and folders to your desktop (preferable).
  3. Using your FTP program, upload the Plugin folder to the wp-content/plugins directory in your WordPress online instance.
  4. Go to Plugins/Network Dashboard, access the Plugins screen and find the newly uploaded WP Hide & Security Enhancer PRO in the list.
  5. Click Activate to enable the code.

GDPR Compliance

April 16, 2021 No Comments

The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The purpose of GDPR is to give European citizens more control over their personal and related data stored by others.

The WP Hide PRO plugin never stores any sensitive personal information on the server-side or on the user’s computer locally using cookies. Also never send any type of details to any 3rd service.

wph/core/set_server_type

Last updated: December 17, 2020 No Comments
This filter has deprecated and replaced with a constant: WPH_SERVER_TYPE. This can be apache, nginx and is. The constant should be place on wp-config.php before the wp-hide default lines.


    define('WPH_SERVER_TYPE',          'apache');

 

 

 

This functionality is available for PRO version.

Name: wph/core/set_server_type
Type: Filter
Arguments: none

This filter can be used to set the server type which will be used internally by the plugin.
Continue reading

General / Html – HTML

Last updated: August 5, 2020 No Comments

The General / Html – HTML plugin section include some powerful features which tune up the site even further:

  • Remove Comments
  • Minify
  • Disable right mouse click
  • Remove general classes from body tag
  • Remove ID from Menu items
  • Remove class from Menu items
  • Remove general classes from post
  • Remove general classes from post

Remove Comments

The HTML source code usually contain many comment lines, however there is no use for that, unless debugging. Remove all HTML Comments, which usually specify Plugins Name and Version. Any Internet Explorer conditional tags are preserved.

Minify

The Minify component include multiple options:

  • Html
  • Html & Css
  • Html & JavaScript
  • All

Minify HTML, Inline Styles, Inline JavaScripts

 
 
As default WordPress append different classes to Html code. Generally there’s no specific usage for those classes but certain themes / plugins may take advantage of those for tag block identification. Also Cascading Style Sheets (css) code rules may rely and apply based on the classes.

Certain classes are specific to WordPress making the CMS identification quite easy e.g. ayk-post, postid-X, ayk-format-rwey, logged-in, admin-bar, size-full, wp-image-X etc Replacing the above classes is a good step in the process of making a site WordPress fingerprints untraceable.

If using any of above conclude to inconsisted layout or broken style, they should be reverted back as the theme or a plugin use at least a replaced class. In such situation trigger/un-trigger of each option at a time is recommended to see which one should not apply.

Scroll to top