Install WP Ghost Free Plugin

Learn how to download and install WP Ghost plugin from WordPress directory.

This tutorial will teach you how to install, activate, and set up the WP Ghost plugin in Lite Mode.

Upload and Install the Plugin

1. Log In as an Administrator on your WordPress dashboard.
2. In the WordPress menu, go to Plugins > Add New Plugin tab.
3. Click on the Upload Plugin button from the top of the page.
4. Click to browse and upload the hide-my-wp.zip file.
5. After the upload, click the Activate Plugin button to activate the plugin.
6. From the plugins list, click on the Settings link to go to plugin’s settings.
7. Connect the plugin using your email address to get an instant free access token.

Note! The Lite Mode will not protect you from all the hacker bots attacks. If you need a complex security plugin, please read here.

Activate Free Token

It’s time to add your email address and activate the plugin with a free token.

Once the plugin is active, you will also have access to your WP Ghost Dashboard account, where you can manage all the connected websites with the same email address, monitor your websites, and receive security reports.

1. Paste your email address into the activation field of the WP Ghost plugin.
2. Click Activate button to register the free license on your website.

Note! If you don’t want to connect to the WP Ghost dashboard and manage your websites and security monitors, click Skip Activation. You can activate it later if you want.

Activate Lite Mode Settings

Once you activate the plugin, you will be redirected to the WP Ghost > Overview page, where you will see all the features you can activate with just one click.

1. Go to WP Ghost > Change Paths > Level of Security.
2. Select the Lite Mode and check the popup information..
3. Click the Continue button on the popup window to load the predefined paths.

Customize Paths

After you confirm the Ghost Mode, the paths will be automatically changed with the predefined ones.

Now you can customize the paths as you desire.

• Admin Security – customize and hide the wp-admin path (optional). more details
• Login Security – customize and hide the wp-login.php path. more details
• Ajax Security – customize the admin-ajax.php path in frontend. more details
• User Security – customize the author path in frontend. more details
• WP Core Security – customize and hide the WordPress common paths and files. mode details
• Plugins Security – customize the plugins path and names in frontend. more details
• Theme Security – customize the themes path and names in frontend. more details
• API Security – customize and hide the REST API path and XML-RPC. more details
• Firewall & Headers Security – add Headers Security and Firewall protection. more details

Note! You have to remember the new login path because you will have to access it directly every time you connect to your website.

After customizing the paths, click the Save button to apply the changes.

Server Configuration

If WP Ghost can’t write the rewrite codes on your config files (.htaccess for Apache, nginx.conf for Nginx, web.config for IIS), you will be asked to do this manually.

Follow the instructions and click the Okay, I set it up button

If you installed the plugin on Nginx Server, you need access to the nginx.conf file or a managed hosting plan.

You need to add the config line in Nginx and restart the server only for the first time. All the rewrite rules are present in the hidemywp.conf file.

Learn how to include the config line in Nginx File

Note! For Nginx Servers, you need to restart Nginx after each customization with the command:
sudo nginx -s reload

Set AllowOverride all on Apache Servers

Note! For Apache Servers, you need to make sure you set the AllowOverride All option for your current directory in httpd.conf or apache2.conf.

Security Check

Go to Security Check section and run a test to make sure all the critical settings and tweaks are set correctly.