08 Jul How To Hide The Fact That Your Website Runs On WordPress
WordPress Security is a significant concern for the WordPress users. We have already covered some WordPress security plugins and how they protect us from hackers. But the word “security” is a mere perspective, and there is no limit of protection. The security plugins harden the security aspect of the WordPress website, but there are some other ways to harden your WordPress website.
How To Hide The Fact That Your Website Runs On WordPress
There are many readers in our community, who were constantly asking on how to hide the fact that the site is using WordPress. The idea is not novel, but there is a lot of controversies that revolves around the hiding the fact that WordPress is being used on the website is of any advantage or not. The technique of hiding information is known as security by obscurity. Many WordPress experts believe that it doesn’t have any impact on the security aspects of the WordPress website.
You may ask, Why? According to the experts, there are hundred more ways to know that you are using WordPress website, its version and other aspects of the WordPress.
Advanced users can find tons of information about why hiding WordPress through obscurity does not change to the security parameters of the website.
Big Fish or Small Fish
There is also a concern among small business owners that the hackers would never try to hack their website as they might not be interested. The reasoning is intuitive, but the truth is different. According to the article on Forbes, almost 30,000 websites are hacked on the daily basis. Quite a staggering number.
In short, it doesn’t matter if you are the big fish (CNN, TNW, etc.) or small, you will get hacked.
But, before we move forward, let’s list some of the basic things that you can do to make your WordPress website secure.
Points to Remember even if you decide not to hide WordPress visibility to hackers
1. Number one rule of securing your website is to use strong passwords. There is no substitute for using a strong password, and you can use the random password generator.
2. Update everything when a new version release. I have seen many website owners(including the ones I work for) on how they ignore updating the core WordPress website, forget about updating plugins and themes. This can fill in a huge security hole in the website and hackers can easily exploit it to gain unauthorized access to the website.
3. Use Security Plugins such as Word Fence.
4. Two-step authentication and help keep the bots away.
Why it is a bad idea to hide the fact that your Website uses WordPress
I am not convinced of the need for security using obscurity. There are many reasons, and I have shared few of them at the start of the article.
Other reasons that may convince you not to use obscurity security management are as follows:
1. Bots attack doesn’t take the version of the WordPress into account.
2. There are hundreds of ways to know that you are using WordPress and its version.
3. Any hacker, who is hellbent to hack your website would eventually come across information that you forget to hide.
4. If obscurity were the solution, then we would never have any version released for any product in the market.
Still not convinced? Let’s do it Anyway
I understand that there are many scenarios that can lead to utilizing the obscurity aspect of security. But, whatever be the reason, we can move forward and HIDE WP from the intruders.
As WordPress ecosystem is full of useful plugins and as you have already guessed, there is a plugin for that too!
Hide My WP, a commercial WordPress plugin with sales of over 10k+ on CodeCanyon. The plugin offers great features when it comes to hiding the fact that you are using WordPress.
Hide My WP
Hide MY WP is a simple security plugin that does more than just hiding your web site WordPress usage. It is a complete firewall against a number of attacks such as CSRF, SQL Injection, XSS, Brutal Force, etc.
Furthermore, it comes with Intrusion-Detection System, a sandbox that quickly finds out when there is an intrusion into the WordPress system.
As the plugin name suggests, it hide the fact that you are using WordPress by doing some permalink changes, and all of this without changing a single line of code. It can hide plugins you use, the themes on the website and also the WordPress login page.
Other noteworthy features of the plugin are as follows:
- Supports Child Themes.
- Offers timely updates.
- AntiSpam feature included within the theme.
- Offers HTML and CSS minification option. A good way to reduce loading time.
- Blocks direct access to the WordPress PHP files.
- Supports Multi-site and works with popular server technology, Nginx, Apache, Windows Servers(ISS)
With so many features, the plugin is surely tempting for anyone who is looking for a commercial security plugin. The plugin has also received tons of positive reviews from users. With a total rating of 4.5 out of 5, the rating is one of the top rating security plugins of code canyon.
Using the Plugin is simple and intuitive. All you have to do is install and active. Default publishes most of the optimal settings. If you are looking for advanced customization, you can check the documentation.
With everything covered, I am pretty sure that you have found the answer to the question we started hunting from the beginning of the post.
I have also discussed on how it doesn’t matter if you are hiding the fact that your website is using WordPress or not as there are so many ways to know.
But, still I covered the Hide My WP plugin. The plugin do have some good features and is worth each penny you spend on it.
Have any questions regarding hiding of WP? Comment below and let us know. Also, share the article as much as you can!