Hide My WP Ghost: Updates Recap

We've recently launched 4x Update Packs in 30 days.

For those of you who only joined us recently, let's make a big recap with everything that changed:

  • License and User System

    Two different APIs. 1st for Users Check. 2nd for License Check. Improved security and better licenses.
  • * Fixed - Increased plugins speed on compatibility check

  • * Update - Compatibility with Siteground
  • New login Path Visible inside the Cloud

    Option to see the new login URL inside the Cloud.
  • * Fixed - Reduce resource usage on 404 pages
  • * Update - Compatibility with other plugins
  • * Fixed - User roles names display on Tweaks
  • * Fixed - Remove the rewrites from WordPress section when the plugin is deactivated
  • * Update - Add the option to select the server type if it's not detected by the server
  • * Update - Add compatibility for Cloud Panel servers
  • * Update - Compatibility with Avada when cache plguins are enabled
  • * Update - File processing when the rules are not set correctly
  • * Fixed - Common paths extensions check in settings
  • * Update - Security headers default values
  • * Update - UI & UX to guide the user into the recommended settings
  • Whitelist Paths: If you have a PHP app that needs to run from a very specific path, then you can add its path to the whitelist for paths, in order to ensure that it will not get added to the rewrite layers.
  • Option to disable all HMWP features SOLELY for the users with IPs from the list of whitelisted IPs (example: people from your office)
  • Whitelist IPs to provide your office space, for example, with the ability of working on your WP site with the usual admin paths.

  • Update - Added the 8G Firewall filter
  • Update - Added the required header security for Apache and Nginx
  • Update - Added the option to block theme detectors crawlers by IP & agent
  • Fixed - Load Firewall on all server types only in frontend to avoid functionality issues in backend
  • Fixed - Avoid loading recaptcha on Password reset link
  • Fix folder and file permissions (quick/complete) ... 
     - quick = fix permissions for main directories/files
     - complete = fix permissions for WP directories, all themes, all plugins, uploads
  • Change username "admin" to custom username
  • Change database prefix -- directly from the PLUGIN!
  • Change Salt security keys in config file
  • Divi Theme compatibility - fixed on backend
  • Add the option to block comments that may lead to spam
  • Update - Translate the plugin in more languages

    Arabic  German  Spanish  Finnish  French  Italian  Japanese  Dutch  Portuguese-Brasil  Portuguese-Portugal  Romanian  Russian  Chinese
  • ability to choose which common files to block from bots

On the 6th of May 2024, we've announced many new updates: including a powerful new firewall, 2 Factor Authentication, more updates to Brute Force, changing security items from our security audit directly from the plugin, instead of working with a ftp.

^^ this is already very cool! Because you can now perform the:

Security Tests !!! Make the security tests inside Hide My WP Ghost, and then use the new action buttons we've added to "Fix It" on the spot, without having to rely on others for help.


After that, a really big update for those who have the special 3 Codes Plans for Hide My WP Ghost by Squirrly:


Today, I have something exciting to show users who have purchased the 3 Codes Plans for Hide My WP Ghost by Squirrly.

It's a feature that was requested via our support channels in many different ways, and we've decided to build it to resemble the Web Dev Kit we have inside Squirrly SEO.

You can now customize a zip file for your clients directly from the cloud app of Hide My WP Ghost.

This will help you install a zip, and already have the most important aspects pre-configured. This update should make it super easy for you to install HMWP just the way you like on all the client sites managed by your agency.

1717103749798.jfif 154.11 KB


There are many options you can pre-configure for all the next installs you plan to make.

My only word of advice to those who are new to Hide My WP Ghost is:

Try to get familiar with the plugin and the many security options first. Find your perfect kind of setup. One that you like a lot and wish to apply to all your clients.

And then go and configure a new plugin to use for all the next installations.

Available on the 3 Codes plan only.

Coming up next:

- Announce Magic Links
- Announce Geo Blocking

Then, we kept pushing more updates:

More Udates to Hide My WP Ghost by Squirrly will be announced soon.

Magic Links Logins have been announced today, to follow up the updates you can see in our feed. Directly on our LinkedIN Page: just scroll to 31st May 2024 and 6th May 2024 to check them out at your own pace.

Coming back with the 4th updates pack for Hide My WP Ghost, from the last 30 days.

We've worked very hard to bring you these update packs and I hope you enjoy them. It took us many months to finish all these, so now we're happy we could release so many for you.

There are also many fixes that never reach the light of day (meaning I never get to promote them via RoadMap, Social Media and email), because working on more compatibilities and integrations is constant work for a security plugin focused on prevention.

Check it out here:

  • whitelisting certain countries and blocking many other countries
  • Geoblocking feature

  • Fixed - Prevent firewall to record all triggered filters as fail attempts
  • Moved - Firewall section was moved to the main menu as includes more subsections
  • Fixed - 8G Firewall compatibility with all page builder plugins
  • Removed - Mysql database permission check as WordPress 6.5 handles DB permissions more secure
  • Update - Added the option to select the level of access for an IP address in whitelist
  • Update - Added 'Send magic link login' option in All Users user row actions on Hide My WP Advanced Pack plugin
  • Update - Added Firewall blacklist by Hostname
  • Update - Added Firewall blacklist by Referrer
  • Fixed - Prevent redirect the wp-admin to new login when wp-admin path is hidden
  • Fixed - Don't show Temporary Logins & 2FA in main menu when deactivated
  • Fixed - Frontend Login Check popup to prevent any redirect to admin panel in popup test
  • Update - Send Temporary Logins in Events log
  • Update - Search option in Hide My WP > Overview > Features
  • Update - Added Firewall blacklist by User Agent
  • Update - Added Country Blocking & Geo Security feature
  • Update - New Feature added "Magic Login URL" on Hide My WP Advanced Pack plugin
  • Update - Compatibility with WPEngine rules on wp-admin and wp-login.php
  • Fixed - Remove filter on robots when 8G firewall is active
  • Update - Translated in 12 languages
  • Update - Magic Link Login
  • Update - WooCommerce Magic Link Login
  • Update - Search Features Option in Overview page
  • Update - Compatibility with WP 6.5.3
  • Download the white label plugin archive with the paths and options preset
  • Update Hide My WP Ghost - White Label - customize options
  • Update Hide My WP Ghost - White Label - customize firewall & headers
  • Update Hide My WP Ghost - White Label - customize paths
  • Generate backup codes for 2FA
  • Automatically change database prefix
  • Add feature to secure Content Security Policy (CSP)
  • REST API Allow Access by IP
  • URL mapping for sub-domains
  • Renew the SALT codes automatically in wp-config.php

I wanted to bring you the news about this as quickly as possible.

We've moved the Firewall settings into the main left menu, because it became a complex and useful feature for our users.

Today's updates pack is mostly about Firewall and GeoBlocking, plus we went through other features that were requested on our roadmap