Remember when the likes of eBay, AOL, and even Target got hacked big time and millions of customers’ accounts were made available to the very people that set out to steal them?
With large scale cyber attacks such as these happening more often than anyone would like to admit, you might think to yourself that the chances your small WordPress website will be hacked are slim to none. After all, who would hack your website when there are so many bigger and better sites to attack?
Unfortunately, the reality is that small business websites are just as targeted by cyber criminals as large corporations. And because small business websites are often not as concerned with major security breaches, their websites are left more vulnerable and open to attack.
Using WordPress as your content management system already puts you one step ahead of the rest of the online world as far as security is concerned. However, that does not make your website immune to hackers.
There is one solution to consider however. One that has the potential to protect your website from 90% of all hacking attacks made on your website.
In the past we have shared with our loyal readers plugin recommendations for increasing your eCommerce shop’s sales, building a bigger email list to boost subscriptions, and even how to make your website’s caching easier and more effective. And while all of these are arguably essential to running a successful website, today I am going to touch on something much more important – website security and protection.
Today I am going to share with you why securing your WordPress website is so important and how using a security tool called Hide My WP to well…hide WordPress…can be used to help secure your website from unwanted intrusions and hacks.
So, let’s get started.
Why Secure Your WordPress Website
Security is a top priority when it comes to those involved in the online world. In fact, WordPress core developers are fully dedicated to patching and updating the very software you place on your website to avoid any vulnerabilities that may arise.
However, the very fact that you use the popular CMS platform WordPress makes you a prime target amongst hackers. Knowing that so many websites use WordPress and again, that so many website owners do not take security seriously enough, hackers are encouraged to attack WordPress websites of all sizes.
Exploiting things such as weak passwords, outdated WordPress versions with known vulnerabilities, old and insecure plugins or themes, and the basic lack of a solid security plugin make it easy for hackers of all levels to tap into your website.
Stealing your personal information, defacing you website, using your server as an email relay for spam, or setting up a temporary server using your website to deliver files that are illegal in nature, hackers can cause website owners a lot of trouble.
How to Secure Your Website
Before we discuss how using Hide My WP can really boost your website’s security, let’s take a look at some of the basic steps all website owners should take to secure their website:
- Make sure all software is up to date at all times, including your server operating system.
- Use complex passwords that would be nearly impossible to randomly guess.
- Reconsider letting other users upload files to your website, even if it’s just to change an avatar. This can open your website up to many security risks without anyone knowing.
- Be careful how much information you reveal in error messages. For instance state “incorrect username or password”. This way any failed attempt to login will not reveal which half of the login equation was correct.
- Implement a security certificate (SSL) any time you are exchanging personal information with others.
- Keep your WordPress version, themes, and plugins updated at all times. Get rid of any themes or plugins you are not using or that are no longer being updated.
- Consider using a CAPTCHA tool to protect against brute force attacks via your login page.
These are just some of the easy and basic things any WordPress website owner can do to protect their website from being attacked. However, it is possible to take it one step further using Hide MY WP.
What Does Hiding WordPress Mean?
You might be asking yourself right now what exactly it means to ‘hide WordPress’ and why that would be a good idea. So, before explaining how Hide My WP can help you, let’s all get on the same page.
Hiding WordPress typically means that you are attempting to hide the fact that your website runs on the WordPress platform from any person or bot that attempts to identify your CMS. However for some, hiding WordPress may mean simply hiding the version of WordPress they are using.
The point is, hiding WordPress is usually done as an attempt to secure your website from real life hackers and automated bots trolling the Internet trying to tap into vulnerable sites.
So, what does Hide My WP do then?
What is Hide My WP?
Hide My WordPress is a highly advanced security plugin that disguises the fact that your website runs on the WordPress CMS without changing any file or folder structures. Only, it does not simply mask the version of WordPress you are using. In fact, it is much more technical than that.
In an attempt to protect your website from up to 90% of all hacking attempts, Hide My WP will also:
- Hide important PHP files. These are the necessary files required to display your website to your site visitors as one complete and readable webpage. They are also the most common way your WordPress website is hacked.
- Minify your CSS stylesheet. These files can easily be hacked to access website data. By minifying and cleaning them you protect against data breaches while also increasing page loading time.
- Change your plugin directory. Plugins that are only WordPress compatible can reveal the CMS you are using and should be hidden.
- Change query URLs. Normally URLs and query parameters are not secure and are often the target of SQL injections (the insertion of malicious code). This is why they should never contain sensitive information and if they can be changed your site will be that much more secure.
- Change permalinks. Not only will they look much nicer to those visiting your website, changing permalinks will obscure any WordPress mention from bots looking to attack your site.
- Hide anything labeled wp. This includes your WordPress version, plugin URLs, and licensing information.
Additional Hide My WP Features
With all that being said, one of the greatest features this plugin has is the hiding of your WordPress login page. Nothing gives away the fact that you are using WordPress more so than the login page. Anyone can type the URL of your webpage and add /wp-admin to access your login page if you are using WordPress. And since this is where brute force attacks occur (as hackers or bots attempt to guess your username and password to login), hiding this page is a great security tactic.
Another helpful feature is the email notification. Whenever someone accesses your 404 page you can choose to be notified via email. This will alert you to possible security breaches so that you can be ready should anything happen.
Unfortunately, a lot of people get hacked and don’t become aware of it until a lot of damage has been done – website damage, personal information leaks, even Google penalties. Knowing ahead of time can help you up your security measures and be more prepared. Plus, this plugin will not affect you SEO rankings in any way. It simply protects and hides your website.
And to add to that, Hide My WP will even let you change your email sender name. This is helpful because any email sent to you via your WordPress website will have the name WordPress attached to. This dead giveaway that WordPress is your CMS will open your website up to hackers, and possibly expose your admin email as well.
But What About Other Solutions?
It should come as no surprise that there are plenty of security plugins out there that will aid in your website’s security efforts. For example, many WordPress users rely on the mix of iThemes Security and Wordfence Security. However, while each of these provide excellent security measures, there is no feature for hiding the fact you use WordPress. This means a third plugin (that may or may not be compatible with either security plugins) must be added to your website. This is not efficient.
In addition, there are some plugins, such as Swift Security, that offer many of the same features Hide My WP does. However, upon closer inspection, you will quickly find that in order to get all of the security features plus the hide my WordPress feature you will need to buy the Swift Security Bundle.
For example, in order to access firewall protection and code scanning, you must purchase the Swift Security Bundle. On the other hand, Hide My WP has these features built-in in the form of the the Intrusion Detection and Prevention System. In the end, the Swift Security Bundle comes in at a higher price than Hide My WP making Hide My WP the more desirable option.
Is Hiding WordPress Worth it?
The truth is hiding WordPress from the world at large is not a foolproof system. Those targeting you directly, or even just experienced hackers or super-techie bots can still get inside of your website whether it is labeled as a WordPress website or not.
However, adding this extra layer of security definitely decreases the chances your website will be hacked successfully because many random attackers will never even know you exist in the first place. And, as a true testament that WordPress customers like the product, Hide My WP ranks an average 4.49 out of 5 stars with over 1,200 reviews. That, paired with its 16,000+ sales shows interested buyers that there is some legitimacy to this plugin and it is worth the premium price.
The important thing to remember if using a tool such as Hide My WP is to not become lax in other areas of website security. The basic steps mentioned earlier such as using a strong password and keeping everything updated should still be practiced religiously.
Just because you technically cannot be ‘found’ since you are using a WordPress hiding tool does not mean you are 100% safe from all hacking attacks. A plugin solution such as Hide My WP should only be used in addition to all other safety measures in order to protect your website to the fullest.
Have you tried using Hide My WP on your website as an added security measure? Maybe you have tried another solution that you found useful and would like to share with the other readers here? I would love to hear all about it in the comments below!
7 Responses
I understand why would someone want to hide fact they are using WordPress from security aspect.
But you can’t hide that fact fully. Taking security measures and having decent security plugin installed should cover basic security protection.
This sort of attack is not endemic to WordPress, it happens with every webapp out there, but WordPress is popular and thus a frequent target.
A way to avoid using such a plugin is to use custom page templates that call the function. Part of the security this affords is active only when you disallow file editing within WordPress .
Jean,
I was going to leave this item alone. But I consider it an honor that YOU took time to respond because I admire the outstanding work you have done over many years.
So it is quite a privilege for me to speak to you directly.
I would just ask potential user to do an Internet search on problems with this plugin before deciding to give it a whirl.
As mentioned in my first post, over the years your site has uncovered great plugin that go unnoticed by almost the entire WP community.
For example, almost 2 years ago, this site turned me onto Clean Talk, which is a great plugin that I still use with no issues at all.
Generally, in my research on plugins this site is one of my main sources for reliable, competent, unbiased information.
Unfortunately, I don’t this is the case with the plugin.
But you still are my go-to source.
Much respect for what you do and have done.
Thanks
I appreciate the feedback and kind words Rick, thanks!
I have been following WP Mayor for years, and I am surprised this site is recommending this plugin.
It seems it would cause all kinds of chaos and havoc on a WP install.
Code Canyon!!!???
Thanks for following us for such a long time Rick, we appreciate that! Why do you think it would cause chaos and havoc?
With respect to CodeCanyon in general, there are several excellent plugins there. Of course there are many which are not worth their price, but then again the WordPress.org repository is also filled with useless/badly coded plugins.