WP Ghost is a hack-prevention security solution for your WordPress site. Together with the BBQ Firewall plugin, it will boost your website security by stopping hacker bot attacks, spammers, and viruses and preventing data loss.
HMWP Ghost will complement the BBQ Firewall plugin by offering an extra layer of protection that the other doesn’t provide.
BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like:
eval(, base64_, and excessively long request-strings.
Security features that you should activate in WP Ghost when both plugins are active on your website. We recommend activating the features that are not present on both plugins to maximize website security.
| Features | WP Ghost | BBQ Firewall |
|---|---|---|
| Change/Hide wp-admin Path | ✅ | ❌ |
| Change/Hide wp-login Path | ✅ | ❌ |
| Change/Hide Lost Password Path | ✅ | ❌ |
| Change/Hide Register Path | ✅ | ❌ |
| Change/Hide Activation Path | ✅ | ❌ |
| Change/Hide Logout Path | ✅ | ❌ |
| Change/Hide Ajax Path | ✅ | ❌ |
| Change/Hide wp-content Path | ✅ | ❌ |
| Change/Hide wp-includes Path | ✅ | ❌ |
| Change/Hide uploads Path | ✅ | ❌ |
| Change/Hide wp-comments-post Path | ✅ | ❌ |
| Change/Hide Plugins Path | ✅ | ❌ |
| Custom Plugins Name | ✅ | ❌ |
| Change/Hide Themes Path | ✅ | ❌ |
| Custom Themes Name | ✅ | ❌ |
| Change/Hide Rest API Path | ✅ | ❌ |
| Hide WordPress Common Paths | ✅ | ❌ |
| Hide WordPress Common Files | ✅ | ❌ |
| Disable Pinback & XML-RPC access | ✅ | ✅ |
| Change Paths in Sitemap and Robots | ✅ | ❌ |
| Hide Admin Toolbar | ✅ | ❌ |
| Login/Logout Custom Redirects | ✅ | ❌ |
| Disable Clicks and Keys | ✅ | ❌ |
| Text Mapping | ✅ | ❌ |
| URL Mapping | ✅ | ❌ |
| CDN Mapping | ✅ | ❌ |
| Firewall | ||
| 7G and 8G Firewall | ✅ | ❌ |
| Firewall Against SQL/Script Injection | ✅ | ✅ |
| Header Security | ✅ | ✅ |
| Country Blocking | ✅ | ❌ |
| Blacklist IPs and Paths | ✅ | ✅ |
| Whitelist IPs and Paths | ✅ | ✅ |
| Two-Factor Authentication Code | ✅ | ❌ |
| Two-Factor Authentication Email | ✅ | ❌ |
| Temporary Logins | ✅ | ❌ |
| Magic Link Login | ✅ | ❌ |
| Brute Force Protection | ||
| Math reCaptcha | ✅ | ❌ |
| Google reCaptcha V2 | ✅ | ❌ |
| Google reCaptcha V3 | ✅ | ❌ |
| Limit Login Fail Attempts | ✅ | ❌ |
| Lost Password Form Protection | ✅ | ❌ |
| Register Form Protection | ✅ | ❌ |
| Comment Forms Protection | ✅ | ❌ |
| WooCommerce Login Protection | ✅ | ❌ |
| Configurable Lockout Time | ✅ | ❌ |
| Manage Blocked IPs | ✅ | ❌ |
| Events and Actions Log | ||
| Log Suspect User Activity | ✅ | ❌ |
| Cloud Events Log Report | ✅ | ❌ |
| Security Email Alerts | ✅ | ✅ |
| Notification Email Address | ✅ | ✅ |
Because hackers often use bots to search for security flaws in your website, it is…
The easiest way to change the default media uploads path is to use the WP…
To hide all CSS and JS you need to follow the steps to Combine the…
https://youtu.be/6ylhojSi-_E In this video, we’ll explore why website security matters and what can happen if…
The security of your WordPress site depends on multiple factors, such as the strength of…
When you enable two-factor authentication (2FA) for your WordPress website, it adds an extra layer…