Learn how to download and install WP Ghost plugin from WordPress directory.
This tutorial will teach you how to install, activate, and set up the WP Ghost plugin in Lite Mode.
Upload and Install the Plugin
- Log In as an Administrator on your WordPress dashboard.
- Click to browse and upload the hide-my-wp.zip file.
- From the plugins list, click on the Settings link to go to plugin’s settings.
- Connect the plugin using your email address to get an instant free access token.
Note! The Lite Mode will not protect you from all the hacker bots attacks. If you need a complex security plugin, please read here.
Activate Free Token
It’s time to add your email address and activate the plugin with a free token.
Once the plugin is active, you will also have access to your WP Ghost Dashboard account, where you can manage all the connected websites with the same email address, monitor your websites, and receive security reports.
- Paste your email address into the activation field of the WP Ghost plugin.
Note! If you don’t want to connect to the WP Ghost dashboard and manage your websites and security monitors, click Skip Activation. You can activate it later if you want.
Activate Lite Mode Settings
Once you activate the plugin, you will be redirected to the WP Ghost > Overview page, where you will see all the features you can activate with just one click.
- Go to WP Ghost > Change Paths > Level of Security.
- Select the Lite Mode and check the popup information..
Customize Paths
After you confirm the Ghost Mode, the paths will be automatically changed with the predefined ones.
Now you can customize the paths as you desire.
- Admin Security – customize and hide the wp-admin path (optional). more details
- Login Security – customize and hide the wp-login.php path. more details
- Ajax Security – customize the admin-ajax.php path in frontend. more details
- WP Core Security – customize and hide the WordPress common paths and files. mode details
- Plugins Security – customize the plugins path and names in frontend. more details
- Theme Security – customize the themes path and names in frontend. more details
- API Security – customize and hide the REST API path and XML-RPC. more details
- Firewall & Headers Security – add Headers Security and Firewall protection. more details
Note! You have to remember the new login path because you will have to access it directly every time you connect to your website.
After customizing the paths, click the Save button to apply the changes.
Server Configuration
If WP Ghost can’t write the rewrite codes on your config files (.htaccess for Apache, nginx.conf for Nginx, web.config for IIS), you will be asked to do this manually.
Follow the instructions and click the Okay, I set it up button
If you installed the plugin on Nginx Server, you need access to the nginx.conf file or a managed hosting plan.
You need to add the config line in Nginx and restart the server only for the first time. All the rewrite rules are present in the hidemywp.conf file.
Learn how to include the config line in Nginx File
Note! For Nginx Servers, you need to restart Nginx after each customization with the command:
sudo nginx -s reload
Set AllowOverride all on Apache Servers
Note! For Apache Servers, you need to make sure you set the AllowOverride All option for your current directory in httpd.conf or apache2.conf.
Security Check
Go to Security Check section and run a test to make sure all the critical settings and tweaks are set correctly.
