A number of plugins are sprouting up, and their sole purpose is to hide the fact that you use WordPress. What’s the reason for doing that?
The number one reason is security. By obscuring your WordPress installation, you protect your site from brute force and mass hacking attempts, where large numbers of URLs are scanned in search for WP installations to attack.
Here are the best WordPress plugins for hiding the important aspects that hackers look after:
Hide My WP
Hide My WP control access to PHP files. It protects your site from 95% of SQL-Injection and XSS attacks. This means you can install unsafe plugins without worry about security.You know hackers, spammers and robots all love WordPress, too with Hide My WP they can’t recognize WordPress and simply ignore you!
Guaven FP
WP Guaven Feature Pack is a WordPress plugin that promises unique source code and a litle more secure WordPress site. Made for all and very easy to use.
Following are the main features that differentiate Guaven FP:
Hides /wp-admin and /wp-login.php from all visitors and only you can have an access.
Removes all wordpress marks from the source code (such as wp, wp-content, wp-admin, wp-includes)
Furnishes your WordPress source code with an absolutely different appearance, as if it is not even developed on a WordPress site.
Removes adminbar as well as the WordPress Meta tags, whereas also can change default jQuery, and customizes wp-login page.
Download Guaven FP
If you enjoyed this post, make sure to subscribe to WP Mayor’s RSS feed.
38 Responses
Is there any way to hide your WordPress version from CMS recognizer websites such as buildwith.com, this website reveal the WP version? Any suggestion?
You can use the plugin specified in this post. It hides your WordPress completely from detectors.
Great info, and i think the plugin is working great in my site i tried out for about a month, so i know how it works well. Seems like no script troubleshooting arise in this last month. Keep it updated!
Thanks.
Really your post is helpful
Thank You Sir.
does hide my wp plugin affect seo, as it block robot too, so search engine will crawl site or no?
it does not.
Hello Jean!
Hope you are well!?
I must say that we have already bought a multiuser license from another plugin. If it worked well for a while, it is not the case now and the technical support no longer responds. So we have to turn to another solution.
I saw this plugin. Is this still up do date or you have some others suggestions?
I think this plugin will be helpful. I started using Wordfence and saw many people were trying to visit pages that they were not suppose to. For instance, they were visiting /plugins, /wp-content etc. So if we use hide my wp plugin, people wont try to visit pages because they are not sure whether the website is a WordPress or not. Not sure, but this plugin will be good,and I will use it.
Great info, and i think the plugin is working great! i tried out for about a month, so i know how it works well. Seems like no script troubleshooting arise in this last month. Keep it updated!
Thanks.
Thanks, this works great!
Welcome Kim!
Here’s a new WordPress plugin which does a great job on wordpress hide WP Hide & Security Enhancer it’s a free code which allows to hide pretty much everything, including admin and login urls change.
There is new plugin
@Mike:
Not really working…
Yes, it working. WordPress and theme was detected because there was links to wordpress.org and theme in footer.
Check this:
btw wpthemedetector detects wordpress for anula.pl as well (but not the theme)
builtwith and wpthemedetector caches data
check for – same site on other address
Maybe, but wpthemedetector still detects wordpress
wpthemedetector detect everything, even payd hide my wp
When I checked yesterdey it was “It seems the site doesn’t use WordPress” but today it detects WordPress.
This detector not working. It just checks links for theme in footer 🙂
Actually wpthemedetector.co.uk can detect WordPress even if you are using hide my wp
I think simple hiding is not enough, if you want secure your site you should use a firewall, don’t use vulnerable plugins, or use an integrated plugin (firewall+hide wordpress) like swift security
A comprehensive approach to security is always recommended.
I had ‘Hide My WP’ deleted from ThemeForest, no support. Good riddance.
It is still available and doing very well.
Except its not and Themeforest.. its at CodeCanyon 🙂
CodeCipher could be very useful to WordPress users. This is a nice little plugin that encrypts your WordPress source code output so that hackers and unwanted guests can’t see your source:
Is this a safe thing to do? I found a free plugin that hides wp-content (but not wp-includes): – but I noticed that none of these plugin are in the WordPress repository. Is that because they’re not legal by the standard of WordPress? WP Mayor doesn’t use any of these plugins either; why not, if it’s good for security?
They are perfectly good to use and the repo includes a number of plugins of this type. We don’t use them on WP Mayor because it is pretty obvious that we’re using WordPress so no point in hiding that. We take other security measures including being hosted with WP Engine, one of the very best hosts with a great security setup.
Jean,
Is your recommendation to use both plugins, or to choose one option.
Very excited to use the plugins. Thank you for the recommendations.
Jason
I would go for Hide My WP.
Thanks for a nice tutorial. I have put together some benefits of hiding your wordpress:
Free options are available as well, like Better WP Security (top of the heap ratings wise- it just works), and Stealth Login Page (which effectively “removes” the login page entirely).
Enjoy!
Jim Walker, The Hack Repair Guy
Thanks for sharing Jim.
will these plugins interfere with custom login plugins? especially social media plugins? im a bit weary of the hiding of wp-login.php
I’m not sure to be honest Matthew, haven’t tried that combination yet. Although they shouldn’t on principle.
Thanks Steve, we also have another post about security plugins in general.
Great info, Jean!
I also use (free) which scans the template files of the wp theme looking for malicious code and keeps them safe by not allowing any change to be made without notifying the blog admin first.
I use a few more, but generally I keep security details close to my chest (better safe than sorry) 🙂
Cheers
~Steve