WordPress enhanced security plugin - Hide My WP Ghost lifetime on Appsumo

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Do you have sites built with WordPress? Well, chances are you probably already have a security plugin. That security plugin has a firewall, a malware scanner, a brute force attack system. But it doesn't have some things. It doesn't hide the facts that you're actually using WordPress. Now you're gonna ask yourself, well, why do I care about that? If you check your security plugin analytics right now, you're going to find out that you're always trying to get hacked. Why is that? Because there's hacker bots that are looking for WordPress sites. So how do we prove prevent most of these attacks? Well, let's hide the fact that we're using WordPress. There's a deal that's called hide. My WP goes, which does exactly that. It's going to complement your security plugin to hide the fact that you're using WordPress. So let me show you what the deal is about and how it actually works. So let's go jump over to my desktop right now. All right. This is the deal that's going on right now and it starts off at $59 for the lifetime deal. So that means you pay once and you can use it forever. And if you guys want to grab that deal, that link will be in the description. Okay, let me show you what this deal actually gets you. There's the first code slack that is $59 and it gets you ten sites. I don't recommend it unless you don't plan to go over ten sites. Okay, the plan I do recommend is the double slack, which is unlimited sites. You can install it for yourself for your clients and you just get unlimited sites. Now, there's the triple code that enables white label. Now, if you don't need white label, if you don't need to hide the fact that you're using this plugin for your clients, you're definitely good with the double slack, so no need to waste a little bit of more money because to grab the white label. So I recommend double code unless you need white label, then jump two, three codes. Alright, now I mentioned in the beginning that you probably already have a security plugin. In this case, this is one of my sites I have Word fence installed, and if you're not using a security plugin, please install one. It doesn't matter which one, but just install one. Okay, so this is Word fence, and you're gonna find out that you're always trying to get attacked from people, even if your site is not popular, there's always hacker bots trying to hack you, and if they find a way, they're gonna hack your site, they're gonna take it down and you're gonna have a big problem. All right, so go to your security plugin if you have one and you're gonna find out that you're always getting hacked and that's the fact that they know that you're using WordPress. So this is where WP hide goes comes in, right? It hides the fact that you're using WordPress and you're going to prevent most of these hacks because they're not gonna know that you're using WordPress. Okay, now this is a blank site. It's my test site. There's nothing installed but my theme. So I just installed this plugin. All right. Which is Hide My WP Ghost. Nothing's going on. It says my security is weak. I don't even have another security plugin, which I should, but this is just a test site. Okay, like I mentioned before, they do complement each other because security plugins are not meant to hide the fact that you're using WordPress. That's not why they're built. Okay, so this is why it complements. So I'm getting some information here that I'm saying, hey, fix this stuff because your site is very weak. So let's go in into the settings. All right, there's the overall setting here from features, but we're gonna go into the main settings over here in the menu. Alright, so first off, the level of security is deactivated. We have the safe mode, which changes first of all, the link that you're using to log in. So to log in to your site, you go to WP login, WP admin and hacker bot know that. And even hackers who wants to hack your site know that. So that's the first thing that we have to work on is change that link. So if I click on safe mode, it's going to change the path to all of these. So for example, my new logins will be new login. Now heads up. You need to remember that you have a new login link so you don't forget. Okay, and it changes other pets. Also for content includes uploads, after and all of those. Okay to hide all those little weak points where the hacker bots will find out that it's a WordPress site. I can activate it, but before I do, there's another option which is ghost mode. Again, there's another type of change to path links, but we're going to use the safe mode, right? We're not going to go overboard with this. It's going to update. Once I click save, go ahead and save it. Okay. And now we have a new login site URL. Okay. So it's this one right here. New login. Let's go check it out. Ssl, open any Cognito mode. Let's go into the login site. And there it is. Now, before what I used was WP admin. But guess what. Now it takes me to the home page. It doesn't work anymore. And if I go to login not found app those two login page. So now we just hide the fact what the login URL is. So that's one of the most important parts. Okay, and in case you can't log in, use this safe URL. So you want to save this URL in a notepad somewhere where you can have it. If you just forget what that link is, but you're going to get used to it once you start using it and you can customize what that login is also okay and we can use simulate CMS. So right now is simulating Drupal eight, but you could change another one if you like. Okay, if we're good to go. Yes, it's working. We just tested it. So we have the new login site. Next thing is the admin security. So we can custom admin path. We'd like. Okay, if you want to change this one, remember we tested it and it's not working. If I want to use a custom one, I can do so right here. I can hide WP admin. I can hide WP admin from non admin users, which also I would say save. Alright, login security again, we can change the login custom path. You saw that it was new login, but if they're used to using something more common to you, we'll use something else. Maybe you're using log into my site and that's probably what you're used to on your other WordPress sites or something like that. Well, you can customize your own. Let's keep it how it is. We can hide WP login. We tested it also it's hidden. Hide the login path. Custom lost password path. We can customize that custom register path custom logout path and we can customize all these permalinks for that. So they don't find which links you're using a security. Custom Ajax passive we like again, we can customize in high WP admin Ajax, change the path to Ajax calls and every single one of these settings has this little question Mark. If we click on it, it's going to give us details of what it's for and what it's going to do. So it's pretty cool that they took the time to actually do that because there are some of these things that you're not going to know what it's form, right? Because I'm not dedicated to hacking sites. I'm not even a white hat hacker. So some of these SaaS you'll have to find out what they're for. Custom author path as it's changed to writer. Alright, you can hide it. Wp core security again, we can hide all of these he WordPress common pass. I would suggest yes. So we won't hide all of these. Make sure that everything is working fine and it's not interfering with your SEO plugin that you might have because changing path and we can hide all these type of files. Okay, hide word press common files that's enabled already disabled directory browsing. Let's go ahead and enable it. Plugin security again. Custom plugin path instead of saying plugins. Well, it's saying modules. So it's hiding everything that it might try to find and you can customize this to whatever you like. So modules plugin so you don't forget what it's for, but it's just different to what hacker bots are used to looking for. Hide all the plugins. Hide WordPress old plugin pass show advanced options to customize plugin names. So right now I only have one plugin installed, but I can customize what the name is. So if hacker bots are looking for specific plugins because they know they have bowl never ties. Well, they're going to not know because you're changing that name to it. Okay, let's go ahead and save it. Theme security again, we can change the information for this custom theme path so it's changed to views instead of you know what we could change it also aspect template styles instead of themes. High themes name had WordPress old themes pass pass custom theme style name. So it changed the design. Show advanced options custom theme names. So again, for example, I have installed DB Astron cadence if I'm using DB. Well I don't want to have them find what I'm using. Alright, so I'm using I don't know. Custom theme blah blah blah. Right. So it's not going to say Div anymore. So the hacker bot won't find out it's using Div, so it's trying to see where they might look for. So you don't find out API Security custom WP JSON path. I really recommend that you check if it doesn't interfere with other plugins because they might be using this high rest API URL Disable Rest API axis Disable XML RPC axis. So you're good to go with all of these. You can go ahead and save them. Firewall and header security changes that happen right here. Strict transport security content security policy and all these options. Okay, you can have these checked out these little warnings because they might interfere with other things. Remove unsafe headers, block them detector crawlers beta firewall against script injection. You can save that other options. Custom category, path, custom Tags and all those options. Now let's jump into the Tweaks category. I'm not saving because this is just a test site tweaks. All right, redirect hidden path to front page. So remember when they try to I tried to log into the site with the old login path. It took me to the front page. But what if I want to change it to a four, four page or demo home or whatever page you have. You can send them there. Do log in and log out. Redirect save that mapping. Oh, I have some tweaks over here. My bad going back to tweaks the feed and side map so you can hide the side map links Tags. So this is the sitemap that it comes with, but we can change it. Change the path to RSS feed so they don't know what the RSS feed and they don't feed from it. Change path to sitemap XML again. Make sure that it's not interfering with SEO plugins that your Google Web master does know what the side path URL is. Hide the path in Robot TXT change options for past login users change relative URL to absolute URLs hide options so you can hide the admin bar hide version from images. Yeah, the CSS and JS and WordPress hide the ID from made attacks. Hide WordPress DNS a lot of options that are really useful. Himation hide embedded scripts. It's going to mapping. No, I'm still over here. Why do I want to get out of here? Disable options. This one is really useful. I think this could be useful for most of us is for example, if you want to disable right click from the website so they don't steal your images so you don't copy and paste and all of that disable inspect elements disabled view source disabled, copy paste. So you sell that that's disabled and they're gonna get a message if they tried to do it. I mean it doesn't hide the fact it's probably Chrome extensions will still work. That's my thought, but it's good to have it disabled. Drag and drop images disabled debug in front page. Alright, mapping. Let's go ahead and leave this here and we have more options again for text mapping instead of WP caption. It's going to be only caption or unless you change it to something custom that you might know. Wp custom. Change another one and map all the type of links that you're using. Url mapping again, you can use your customized for example, they give you an example. You can change this to this or this to this. Alright, so custom URL change one to another. Cedn. If you have other apps, you can then then you can customize it here. Experimental auto ICSS and JS files, text mapping and CSS heads up. I don't recommend that you tweak this if you have a cache plugin. All right, so if you don't have a cache plugin, then go ahead and use these for optimization, but make sure they're not breaking your site. So go ahead and test it in incognito mode before you set this site to live and just use it as it is. Now let's go into brute force. These are the brute force options that it gives you. If you have a security plugin that is working fine and it has brute force attack prevention system, then you don't need to enable this. But if you're not using that, then go ahead and enable it. So it removes the way for hackers to just try to hack into your side by brute force. Okay, so you can do Max file attempts so you can set it to 510. 20 whatever you want to set it. The band duration. How many seconds do you want to ban them? So that'll be the next time they'll try to log in again for yourself. If you miss the login attempt for five times, you're gonna have to wait this amount of seconds, so be aware of them unless you have that link that they provide to login. Right lockout message whitelist IPS. So if you know what your IP is, your teammate, your virtual assistant or whatever, add these IP here and they won't get blocked. Okay, band IPS if you know that there's a list of IPS that you need to ban we'll just list them here if you want to enable Google Recapture V two or V three. This is available, but you will have to get the capture information, the site key for these. Okay, it's super easy to do. There's several tutorials on doing this. I recommend that you actually enable this right? You can see the event logs right here. We shouldn't have any events slack because this is just a test site. So log users events and do you want to see the logs for these type of user roles? You can enable that security checks. Let's go ahead and check that out. So here's a security check of what's going on on your site. So what PHP version are you using my SQL version? So we're at with all of these and we're seeing some information here. For example, database prefix. Hey, it's using WP. There's a vulnerability there that hacker bot will find out that you're using WordPress because it's using that. So go into info and customize it so it doesn't start with WP underscore. Alright, security key updates. Here's a set the recommendations and information to know what it's for. Right. So you can do it. Some of these will have to fix it. So because I didn't enable these, I'm doing a test sign but they tell you what is going on here and you can go ahead and fix it and then start a scan again. All right. There's the plugins settings right here that they recommend. These guys are the same ones from SEO Squarely, which is really popular. Right. And there's other popular plugins that they are recommending. Let's see if they're recommending a security plugin here. Security security item security. So these are two security plugins that they are recommending. Recon Wordfence works. Fine. If you guys want to use that slack up and restore it, just backs up the settings from this plugin. It's not a backup or restore plugin completely. Alright, just backup the settings from this. It might work if you already set the settings here and you want to use it on another WordPress site that you install this plugin that is pretty useful to save time and just punch in the settings that you already have for me. Back up advance there's the advanced settings rollback settings to custom safe URL parameter compatibility compared with managed to be plugins late. Loading clean login page email notifications if you want to get notified from changes with the change admin and log in URL if it changes, you're gonna get an email application which I think is pretty useful and then my account to jump in to Hide My WP Ghost account which we're not gonna go there. But like I mentioned before, this plugin compliments with your other security plugin. Now why do other security plugins don't have these settings or they do have some but not as complete as this one because like I mentioned before, they are not meant to hide using WordPress they are just meant to provide security. They're providing firewall malware scanner and a brute force attack prevention system and a few settings, but they're not meant to hide the fact that using WordPress. So this one comes in handy to prevent most of those brute force attacks by just hiding the fact that you're using WordPress. So there you go. Like I mentioned before, it's a lifetime deal that's going on right now. $118 is a sweet deal for unlimited sites. So if you guys want to grab it, that link will be in the description. It's an affiliate link. If you buy some through that link, it helps me out with a small Commission, but it won't cost you a single set more what it already cost. It's going to cost you. But it helps me with a small Commission to keep on making videos for you guys. I thank you all for watching. My name is George. This is SaaS Master, and I'll see you guys later.
Info
Channel: SaaS Master
Views: 2,177
Rating: undefined out of 5
Keywords: saas master, hide my wp, hide my wp plugin, hide my wordpress, hide wordpress source code, setup hide my wp, wordpress plugin, hide my wp ghost, hide wordpress login, hide wordpress admin, appsumo, hide my wp ghost appsumo, hide my wp lifetime deal, hide wordpress theme name and directories from the source code, hide my wp ghost – security plugin, hide my wp review, hide my wp ghost lite, how to hide my wp dp, how to hide wp-admin in wordpress
Id: jo96ELWPXaA
Channel Id: undefined
Length: 17min 45sec (1065 seconds)
Published: Thu Oct 14 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.