MainWP + Hide My WP Ghost

Researching

ММ

Максим Миронов

2 years ago

Hide My WP Ghost work plugin tech support response:

"Seems that for your website, MainWP needs the wp-admin path unchanged.

We checked with different configurations and I could sync the MainWP Child and update the plugins and security only when the wp-admin was unchanged."

Can you make a setting in MainWP so that when adding a site there is a field where you can specify a different admin path? that MainWP worked if instead of wp-admin I specify a different path, for example site-name-admin. that is, the path to the plugins will not be the same

/wp-admin/plugins.php

and such

/13-admin/plugins.php

or any other path to the admin panel that I need. This is an important security feature that hides WordPress from users.

do you need to make an official request from Hide My WP Ghost tech support? or you will make compatibility without it.

I want MainWP to work well with Hide My WP Ghost, but now I have to disable the function that hides the admin area

Activity

JK

Jos Klever

2 years ago

Hiding elements of the child sites like login or admin is called "security through obscurity". It's like hiding the door of your house because you don't trust your lock. It can cause all kinds of issues and doesn't make your sites more secure and give you a false sense of security. This (and other tips) are discussed in the video you can find on:

https://www.wordfence.com/blog/2020/08/10-wordpress-security-mistakes-you-might-be-making/

ММ

Максим Миронов

2 years ago

I do not use the wordfence plugin, it is not of high quality and very unreliable.


I use iThemes Security Pro + Hide My WP Ghost

and the authors of these plugins recommend hiding /wp-admin/.

I hid /wp-admin/ and everything works very well except MainWP. So I want to fix this.


We need MainWP to give us the ability to use the features of Hide My WP Ghost

18 hidden items

EC

Eric Caldwell

last year

This isn't a MainWP problem to fix. What's needed is a better hosting company. I run a hosting company and we use mod_security and Imunify360 to protect websites. If we notice a client has installed a security plugin, we remove it. The reason is these security plugins aren't needed if your hosting company has an adequate level of security at the server instead of leaving it up to clients to install and maintain these plugins. Also, we're a LiteSpeed shop so you can get free LSCache running. Pros and cons to LSCache and others. If we see clients using weird caching plugins, we offer to replace it with LSCache.

JC

Jasmyne Churchley

2 weeks ago

its heather we need to meet and talk please eric I am on the street can you stop talk to me at night I stay around goodwill please I am stuck from blocks


Powered by Convas