We all love WordPress, but in most cases we prefer to hide the fact that we are using a blogging platform for our entire business. From other side every day a couple of new security bugs found in plugins, themes and WordPress itself. This is natural for a popular software but are we safe? Can all plugin authors be notified timely about bugs? Are all of them responsible for security problems they generated? or Can we update our themes and plugins everyday?
Hide My WP created to help us. It not only boosts our security but it also allows us to have more beautiful URLs and permalinks!
Please note this is a long waited plugin. No free or premium alternative is available.
Boost your security
Hide My WP control access to PHP files. It protects your site from 95% of SQL-Injection and XSS attacks. This means you can install unsafe plugins without worry about security.
You know hackers, spammers and robots all love WordPress, too with Hide My WP they can’t recognize WordPress and simply ignore you!
Change WordPress permalinks
The magic starts now… But before it please note everything is in its default location and we just control access to it. This guarantees maximum compatibility for our plugin. Also, note if you use Nginx (see /index.php before permalinks) you may miss some of these features.
Hide your wp-login.php
Try this: wpwave.com/wp-login.php
Not found!? OK. Try this one: wpwave.com/wp-login.php?hide_my_wp=1234
Hide wp-admin folder and all of its files (for untrusted users)
wpwave.com/wp-admin/ – Not found!
Change WordPress theme directory, remove theme Info from stylesheet, replace default WP classes and finally minify it!
wpwave.com/template/main.css (Instead: .../wp-content/themes/twentytwelve/style.css)
Change plugins directory and hash plugins name
wpwave.com/modules/0f6a208e/shortcodes.css (Instead: .../wp-content/plugins/zilla-shortcodes/shortcodes.css)
wpwave.com/modules/0f6a208e/shortcodes.php – Not found! (Deny access)
Change upload URL, wp-includes folder, AJAX URL, etc.
wpwave.com/file/test-image-landscape.jpg (Instead: .../wp-content/uploads/test-image-landscape.jpg)
wpwave.com/lib/js/jquery/jquery.js (Instead: .../wp-includes/js/jquery/jquery.js)
wpwave.com/ajax.php – Output 0 (Instead: .../wp-admin/admin-ajax.php)
Change WordPress queries URL:
New URLs:
wpwave.com/?article_id=1
wpwave.com/?user=1
wpwave.com/?find=hide
Old, not working URLs:
wpwave.com/?p=1 – Nothing happen!
wpwave.com/?author=1 – Nothing happen!
wpwave.com/?s=hide – Nothing happen!
Change author permalink (or disable it!)
New: wpwave.com/admin or wpwave.com/profile/admin (Optional)
Old: wpwave.com/author/admin – Not found!
Change or disable feeds
New: wpwave.com/index.xml
New: wpwave.com/cat/aciform/index.xml
Old: wpwave.com/feed/ – Not found!
Old: wpwave.com/cat/uncategorized/feed/ – Not found!
Hide all other WordPress files!
wpwave.com/readme.html – Not found!
wpwave.com/license.txt – Not found!
Disable WordPress archives, categories, tags, pages, posts, etc
wpwave.com/2012/09/ – Not found!
wpwave.com/?m=201209 – Nothing happen!
Continue reading there’s still more!
Easily replace any words in your html output file!
Notify you when someone is mousing about your WordPress site (included with visitor details like IP, user agent, referrer and even username!)
Compress html output and remove comments in source code
Remove WordPress meta Info from header and feeds
Change default WordPress email sender
Custom 404 page!
Remove unnecessary menu classes
Clean up body classes
...
If there is still ambiguity, p
0 comments:
Post a Comment