Hide My WordPress — Security Plugin


Hide My WP it’s a WordPress Security plugin. You can change and hide WordPress Admin and Login URLs to increases your Wp Security against hacker’s bots.

Protect your WordPress website by hiding the WordPress Admin and Login URLs to increases your Wp Security against hacker’s bots.

The plugin has over 50.000 active installs. Thank you all for your trust and support!

Hide My WP Lite Features:

  • Hide WordPress wp-admin URL and redirect it to 404 page or a custom page
  • Hide WordPress wp-login.php and redirect it to 404 page or a custom page
  • Change the wp-admin and wp-login URLs
  • Lite WordPress Security Features

The FREE version does not work for Multisites, Nginx and IIS. Only the PRO version does!

To hide all the common WordPress paths you need the PRO version. Check all the PRO features below.

The admin URL is the most common path that hackers use to break your WordPress site.

Being able to cover up the common paths is critical, because you get to keep intruders away from sensitive website data.

This is crucial, and it will provide you with a great experience and really good results in the long term.

It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.

If you don’t protect yourself, you will end up having a hacked site sooner or later.

This is a free version of the plugin so you can use it for all your blogs without any restrictions.

No theme or other plugins functionality will be blocked, everything will function the same

Note: The plugin requires custom permalinks. Make sure you have it activated at Settings > Permalinks

Hide My WP PRO features:

  • Hide WordPress wp-admin URL
  • Hide WordPress wp-login.php
  • Custom admin and login URL
  • Custom wp-includes path
  • Custom wp-content path
  • Random plugins name
  • Random themes name
  • Random themes style path
  • Custom plugins path
  • Custom uploads path
  • Custom authors path
  • Custom comment URL
  • Custom category path
  • Custom tags path

  • Remove the meta ids

  • Hide _wpnonce key in forms
  • Hide wp-image and wp-post classes
  • Hide Emojicons if you don’t use them
  • Disable Rest API access
  • Disable Embed scripts
  • Disable WLW Manifest scripts

  • Brute Force Attack Protection

  • Math function in Login Page
  • Custom attempts, timeout, message

  • Support for WordPress Multisites

  • Support for Nginx
  • Support for IIS
  • Support for LiteSpeed
  • Support for Apache
  • Support for Bitnami Servers

  • Recommended by Wp Rocket plugin

Protection against:

  • Brute Force Attacks,
  • SQL Injection Attacks
  • Cross Site Scripting (XSS)

See all the PRO features:

Hide My WP Knowledge Base:

Once you use the Hide my WordPress PRO, you will get custom upload paths, author paths, plugin paths and so on.

You will also have the ability to remove unwanted classes, hide content, disable scripts and so on.

Hide my WordPress PRO does a optimal job at helping you get support for multisites, for Bitnami Servers, Apache, LiteSpeed, Nginx, Wp Rocket Plugin and many others.

It is worth it, so you may want to check it out.

Also, just because you want to add a WordPress Security plugin that hides the common paths, that doesn’t mean the plugin has to be slow.

Hide my WordPress PRO is very fast, and it won’t impact your website in any negative way.

On the contrary, it will hide the common paths, deliver all the WordPress Security features above and much more while also keeping the site faster at all times!


  • Choose the desired level of WordPress Security for your site
  • Change the URLs wp-admin and wp-login.php to different URLs. This is a very important WordPress Security step.
  • Choose to hide the wp-admin and wp-login.php to increase the WordPress Security and hackers will get 404 errors
  • Login to your site with the new Hide My WP login URL
  • You'll be redirected to the new Hide My WP admin URL


  1. Log In as an Admin on your WordPress blog.
  2. In the menu displayed on the left, there is a «Plugins» tab. Click it.
  3. Now click «Add New».
  4. There, you have the buttons: «Search | Upload | Featured | Popular | Newest». Click «Upload».
  5. Upload the hide-my-wp.zip file.
  6. After the upload it’s finished, click Activate Plugin.
  7. Enjoy the WordPress Security Plugin

Hide My WP Knowledge Base:

Часто задаваемые вопросы

Installation Instructions
  1. Log In as an Admin on your WordPress blog.
  2. In the menu displayed on the left, there is a «Plugins» tab. Click it.
  3. Now click «Add New».
  4. There, you have the buttons: «Search | Upload | Featured | Popular | Newest». Click «Upload».
  5. Upload the hide-my-wp.zip file.
  6. After the upload it’s finished, click Activate Plugin.
  7. Enjoy the WordPress Security Plugin

Hide My WP Knowledge Base:

Is this plugin working on WP Multisite?

Yes, this feature is only available on the Hide My WordPress PRO version.

The PRO version also works with Apache, Nginx, IIS and LiteSpeed servers

Please visit: https://wpplugins.tips/wordpress

I forgot the custom login and admin URLs. What now?

Don’t panic.

You can still access your site with the secure parameter

Locked out of my site! I set the plugin, and when I left I can’t manage to get in

Rename the plugin directory /wp-content/plugins/hide_my_wp so that the plugins wouldn’t hide the wp-admin path

Save it and it should be back from where you left it.

Make sure you remember the secure parameter, and it will be much simpler.

Is this plugin working if I don’t have custom permalinks on my site?

No. You need to have custom permalinks set on in Settings > Permalinks.

You will get a notification in the Settings page if something is not setup right.

What to do before I deactivate the plugin?

It’s better to switch to Default mode in Settings > Hide my wp.

If you don’t, the plugin will automatically change your site back to the safe URLs, and it will tell you what to do in case you don’t have write permission for the config files

Is this Plugin free of charge?

Yes. The Lite features of Hide My WP plugin will always be free.

We will include all the required WordPress Security updates.

To unlock all the features, please visit please visit: https://wpplugins.tips/wordpress

Is this plugin enough to protect my website from all hackers?

The free version of Hide My WP hides the wp-admin and wp-login as described but will not protect you from all the hackers attack.

Hide My WordPress PRO hides all the common paths and patterns used but bots to detect that you are using WordPress.

We also recommend you to install Premium Themes and Plugins and not just any WordPress plugin because the free plugins are usually made by beginners and they don’t have security knowledge.


Looks Good. Very Good!

After trying all day to hide the wp-admin folder, via both plugins and code snippets, as recommended by various bloggers and Stack experts, I finally resorted to … YouTube videos, one of which featured some guy installing Hide My WP Lite. I watched, I installed, I smiled.

If this plugin continues to function for the duration of my personal trial period (90 days) then my double-digit USD donation will be sent.

Thanks much.

Good Plugin, simple and it works

Not much more you can ask for. Shield was blocking legitimate users, and we needed a random URL to login with for security. This thing delivered exactly what it said it would. I screwed up the settings first time but the recovery link worked. Then I got it right and no troubles since. Thanks guys. Word to your mums.

Totally useless

The plugin is totally useless. The custom url I set is not working and always show the 404 error. I almost lost my website!

Easy to setup and Works perfect

Great plugin, exactly what i was looking for. WORKS AS DESCRIBED! Other plugins will take you to a page that says «disabled» or other pages that look like a wordpress page. I have tried other plugins and then I found this one. This plugin will allow you to create a custom login URL and redirect the wp-admin and wp-login.php to any page you specify.

Посмотреть все 57 отзывов

Участники и разработчики

«Hide My WordPress — Security Plugin» — проект с открытым исходным кодом. В развитие плагина внесли свой вклад следующие участники:


Перевести «Hide My WordPress — Security Plugin» на ваш язык.

Заинтересованы в разработке?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Журнал изменений

1.1.037 (08 Feb 2018)

  • Hide My Wp is compatible with WP 4.9.4
  • Increased WordPress Security in Frontend

1.1.036 (20 Jan 2018)

  • Update compatibility with more themes and plugins
  • Fixed .htaccess duplicate issue

1.1.034 (11 Dec 2017)

  • Hide My Wp is compatible with WP 4.9.1

1.1.033 (13 Nov 2017)

  • Hide My Wp is compatible with WP 4.9
  • Compatible with more WP Themes and Plugins

1.1.032 (27 Sept 2017)

  • Hide My Wp is compatible with WP 4.8.2

1.1.031 (18 Sept 2017)

  • Hide My Wp is compatible with WP 4.8.1
  • Update wp-admin script injection
  • Compatible with more WP themes
  • Increased wp-login security

1.1.028 (17 July 2017)

  • WordPress Security Updates

1.1.027 (3 July 2017)

  • Fix — Logout 503 error
  • Fix — Call the remove_filter with the wrong number of parameters

1.1.026 (9 June 2017)

  • Compatible with WP 4.8

1.1.025 (11 May 2017)

  • Added login redirect for WordPress security loop protection
  • Added the option to hide the new admin path. This is optional now
  • You can call the new admin path without /

1.1.023 (2 May 2017)

  • Compatible with BoddyBoss Theme
  • Fixed small bugs
  • Fixed the $user->has_cap error on WordPress security login

1.1.022 (21 Apr 2017)

  • Fixed rewrite for automatic upgrades
  • Compatible with WP 4.7.4
  • Increased the speed in Hide My Wp


  • Fixed redirect for Forgot Password and Register options
  • Fixed redirect for /login for several themes
  • Protect from errors in case the user enters both admin and login with the same name
  • WordPress Security Updates


  • Fixed the Submenues for the last version of WordPress


  • Added the custom redirect page for the hidden paths
  • Removed the generator information


  • Fixed the notification issue for some themes
  • Fixed wp-admin redirect to login in some cases
  • Compatible with WP 4.7.3


  • Better hide the wp-admin path from not logged in users in the Lite Mode
  • We added the support feature for you
  • WordPress security updates


  • Compatible with WP 4.7.2
  • Improved the hide URLs feature
  • Removed the wp-config.php insertion
  • Fixed the loop on sign in
  • Prevent errors for IIS server
  • Added recommended websites


  • Compatible with WP 4.7
  • Hide My WP knowledge base released
  • Fixed memory load alert
  • Fixed small bugs


  • Fixed https ajax in http frontend
  • Settings are not lost after plugin or theme activation


  • Fixed redirect if the 404 page doesn’t exists


  • Changed the Lite options
  • Fixed small bugs
  • Compatible with the last version of WordPress
  • Compatible with WordPress 4.6.1
  • WordPress security updates


  • Remove all data on plugin deactivate
  • Update saved data on user logout
  • Don’t change the settings unless the user logs out from admin


  • Send URLs and safe parameter by email on important changes
  • Fixed small bugs in Hide My WP


  • Fixed save_mod_rewrite_rules issue
  • Compatible with WordPress 4.6
  • Fixed small bugs for plugin css


  • Fixed issues with Nginx, IIS, and Litespeed servers
  • Prevent hiding the wp-admin and wp-login in Lite Mode
  • Improved login with the safe parameter


  • Hide the /wp-login path


  • Compatible with WordPress 4.5
  • Main WordPress security features
  • Hide My WP first release