Category: Articles

How to easily Hide Elementor Page Builder

WordPress Elementor plugin is a very popular drag-and-drop visual page builder, currently most used application of it’s kind. Using Elementor, guarantee to achieve impressive layouts, without any experience with programming languages like HTML, Css, php etc. Many popular themes are being created using Elementor, which allows the end users to easily maintain a site content.

Why white label code source for Elementor page builder?

Being used in so many sites, Elementor is a good target for hackers, finding a breach into a system version, grants attacker the possibility to easily compromise all other existing sites which use the same code.
Continue reading

The Easy Way to Keep Your Website Safe from Hackers

Security is a vital concern for any website owner. We talk frequently about website security, among other things, in warnings about themes and plugins and how to protect our sites from attacks. But security is quite from a simple point of view, and the steps you take to protect your website have no bounds. Have you sometimes walked out of your office, carelessly leaving your door open? Maybe more than once, right? This is natural. We are not often worried about managing potential jeopardizes until it goes out of hand. This is also very much applicable to your website. Continue reading

Replace arbitrary URL’s with custom ones

This functionality is available for PRO version.

The WP Hide plugin provides many modules through which a site owner can rewrite all default URL’s, making WordPress indistinguishable. This is a perfect strategy to keep intruders outside, as any WordPress or plugin vulnerability which get in a hacker hands, will be exploited to get full access to the site. Closing all default entry points and re-writing paths to specific assets will makes a penetration close to impossible. Continue reading

Replace arbitrary words from page HTML through a visual interface module

This functionality is available for PRO version.

This module helps with final touches on hiding WordPress for a website. While other plugin components take care of all urls and paths replacements, there may still be specific words and texts inside the code which are required to be changed. Using the free plugin, there was a code approach through the filter wp-hide/ob_start_callback however not everyone is comfortable doing programming. Continue reading

Set-up Wp Hide PRO for WordPress MultiSite

This functionality is available for PRO version.

Creating a network of sites with WordPress is a powerful functionality, the simplicity of set-up makes it the best option to consider. Mainly a MultiSite network is a collection of sites that all share the same WordPress installation. This sounds simple to manage but it become a complex problem when it come to rewrite and block specific urls while preserving compatibility. The free WP Hide & Security Enhancer plugin can handle single site WordPress install, however can’t run correctly under MultiSite environment. Continue reading

Plugin Changelog

For WP Hide PRO check the following link WP-Hide PRO – Changelog

The plugin is actively maintained, we work hard to improve the code and add new functionality.

= 1.5.9.3 =
* Check for filterable buffer content type, before doing replacements, to prevent erroneously changes
* Update only URLs on XML content type
* Updated plugin demo site URL on readme file
* Compatibility update for ShortPixel Image Optimizer plugin
* Notice possible issue for Cron block on certain servers

= 1.5.9 =
* New admin interfaces skin.
* Relocated plugin assets within a different folder for better organisator.
* Updated mu-loader module
* Add help and hints for each options for easier understanding.
* Allow same base slug to be used for individual plugins
* Updated language file
* Check if environment file is not available and outputs admin messages
* Environment class with relocated environment json, to avoid security scanners false reports.
* Cache Enabler plugin compatibility module
* WoodMart theme compatibility
* Compatibility module for WP Smush and WP Smush PRO plugins
* Add the new filter available for WP Rocket to change css content
* WebARX compatibility module update
* W3 Cache module update

= 1.5.8.2 =
* Ensure base slug (e.g. base_slug/slug ) is not being used for another option to prevent rewrite conflicts
* Return correct home path when using own directory for WordPress and hosting account use the same slug in the path.
* Relocated get_default_variables() function on a higher priority execution level, to get default system details.
* Switched Yes / No options selection, to outputs first No then Yes ( more logical )

= 1.5.8 =
* Add reserved option names to avoid conflicts e.g. wp
* Always clear any code plugin cache when plugin update
* Easy Digital Downloads compatibility
* Elementor plugin compatibility
* Fusion Builder plugin compatibility
* Divi theme compatibility updates
* WP Fastest Cache plugin compatibility updates
* Check if ob_gzhandler and zlib.output_compression before using ‘ob_gzhandler’ output buffering handler

= 1.5.7 =
* Autoptimize css/js cache and minify compatibility
* Wp Hummingbird and WP Hummingbird PRO assets cache compatibility

= 1.5.6.9 =
* New functionality: Remove Link Header

= 1.5.6.8 =
* Fix: Call for invalid method WP_Error::has_errors()
* Fix: Attempt to clear Opcache if API not being restricted

= 1.5.6.7 =
* Allow internal cron jobs to run even if wp-cron.php is blocked.
* Check with wp_filesystem for any errors and output the messages, before attempt to write any content
* Trigger site cache clear on settings changed or code update
* Slight css updates
* Mark block option in red text for better visibility and user awareness

= 1.5.6.4 =
* Fix: Keep double quote at the start of the replacements when doing JSON matches to avoid replacing strings for other domains
* Fix: Run compatibility pachage for “ShortPixel Adaptive Images” only when plugin is active

= 1.5.6.3 =
* Fix: remove javascript comments produce worng replacements on specific format.

= 1.5.6.2 =
* Use curent site prefix when retreiving ‘user_roles’

= 1.5.6 =
* Fix BBPress menus by calling directly the wp_user_roles option ratter get_roles()
* Replace comments within inline JavaScript code when Remove Comments active
* Possible login conflict notices when using WebArx, WPS Hide Login
* New action wp-hide/admin_notices when plugin admin notices
* Return updated url when calling admin_url instead replaced when buffer outputs to ensure compatibility with specific plugins

= 1.5.5.9 =
* Compatibility module for ShortPixel Adaptive Image plugin
* Add support for texarea fields within plugin options interface
* Fixed urls for minified files when using WP Rocket cache plugin

= 1.5.5.7 =
* Filter remove fix

= 1.5.5.6 =
* Fix log-in page when using Wp Rocket cache

= 1.5.5.5 =
* Fix admin dashboard replacements when using Wp Rocket cache

= 1.5.5.4 =
* Fix Wp Rocket cache when using Minify and Concatenation
* New functionality – Remove Admin Bar for specified roles
* Module block structure extend to support ‘callback_arguments’ to passThrough additional data to processing function
* Redirect the default non-pretty-url search url to customized one

= 1.5.5 =
* New component: Rewrite Author
* New component: Rewrite Search
* Show recovery link on top of page to ensure everyone can save the link to use if something goe wrong.
* Send recovery code to site admin e-mail
* Minor Code adjustments
* Send new login url to site admin e-mail, to ensure user can recover access to dashboard if forget new slug
* Removed unused methods within WPH_module_rewrite_new_include_path component

= 1.5.4.2 =
* Fix: Undefined method for WooCommerce compatibility module

= 1.5.4.1 =
* Allow rewrite for images within admin, as being reversed to default when saving the post

= 1.5.4 =
* Compatibility re-structure, use a general module
* Compatibility fix for Shield Security wp-simple-firewall
* Removed the upload_dir filtering as produce some issues on specific environment, possible incompatibilities will be post-processed within General compatibility module
* Filter the post content on save_post action, to reverse any custom slugs like media urls, to preserve backward compatibility, in case plugin disable
* Ensure wp-simple-firewall run once when called from multiple components
* Update for Rewrite Slash component, use a rewrite conditional to ensure the code is not trigger for POST method

= 1.5.3.1 =
* Fix JSON encoded urls when using SSL

= 1.5.3 =
* Remove _relative_domain_url_replacements_ssl_sq and _relative_domain_url_replacements_ssl_dq replacements for buffer as being integrated to other variables
* Relocated upload_dir() to general functions.php to catch new content and uploads slugs.
* Use full domain url for new wp-admin slug, instead relative to avoid wrong replacements for 3rd urls
* Use full domain url for new wp-login.php, instead relative to avoid wrong replacements for 3rd urls
* Typos fix for CDN texts
* Additional description for “Block any JSON REST calls” option to prevent Gutenberg block
* Updated rewrite for URL Slash to include a second conditional, to not trigger on POST calls

= 1.5.2.2 =
* Add trailingslashit to plugins slug to be used for replacements to avoid wrong (partial) slug changes

= 1.5.2.1 =
* Fixed upload rewrite by using default_variables[‘upload_url’]
* WordPrss 5.0 compatibility check

= 1.5.2 =
* Updated po language file
* CDN support when using custom urls
* Moved the action replacement for wp_redirect_admin_locations at _init_admin_url()
* Trigger the action replacement for wp_redirect_admin_locations only if new admin slug exists
* Preserve absolute paths when doing relative replacements
* Populate upload_dir() data with new url if apply
* When doing reset, empty all options before fill in existing with default to ensure deprecated data is not being held anymore

= 1.5.1.2 =
* Do not redirect to new admin url unless rewrite_rules_applied()
* Generate no rewrite rules if there’s no options / reset
* Removed any passed through variables when calling the do_action(‘wph/settings_changed’) as the function can take no argument.
* Re-generate a new write_check_string on settings change to ensure if no .htacccess / web.config file is writable, it trigger correct error and flag the disable_filters variable.
* Use inline JS code confirmation for Reset Settings, in case the separate JavaScript file is not loaded caused by an rewrite issue.
* Reset confirmation message update to better inform the admin upon the procedure to follow.
* WPEngine environment check, as they do not support Apache rewrite out of the box
* Strip off protocol and any www prefix for site_url and home_url to ensure accurate comparing
* Fixed redirect url when saving the options and WordPress deployed in subfolder
* Fixed redirect url when reset all options and WordPress deployed in subfolder
* Improved compatibility for WordPress subfolder install
* Fixed some rewrite lines when WordPress installed in a path and subfolder
* Replaced the internal variable permalinks_not_applied to more intuitive custom_permalinks_applied
* Restart the buffering if flushed out, mainly used for footer when updating plugins and themes
* Add textdomain for multiple untranslated texts
* Updated PO language file
* Fixed textdomain for couple texts
* Add text to textdomain

= 1.4.9.1 =
* Updated MU Loader, if there’s no plugin active avoid to receive any notice.
* Allow new wp-login.php
* PRO version available
* Check if there’s a ‘message’ key for arguments set through wp_mail filter
* Updated po language file

= 1.4.8.2 =
* WPML compatibility when use different domains for each language
* Replaced google social as it produced some JavaScript errors.
* Do not apply the admin/login replacements if permalinks where not applied.
* Language Po file update
* Minify replaces ‘Remove new line carriage’
* Minify Html, Css, JavaScript
* Options for Minify to compress different components
* Fixed conflict with Shield Security

= 1.4.7.6 =
* PHP 7.2 compatibility
* Replaced trilingslashit from the end of template url to improve compatibility with urls (e.g. JavaScript variables) which does not include an ending slash.

= 1.4.7.4 =
* WooCommerce downloadables fix when using custom slug for uploads
* Include support for admin_url() along with admin-ajax.php
* Fixed redirect link after user register.
* Use get_rewrite_base and get_rewrite_to_base for all modules to apply correct site path and any WordPress subdirectory install
* WordPress subdirectory install compatibility fix
* Improved router file processor for WordPress subdirectory installs

= 1.4.7 =
* Rewrite changes for many components
* Rewrite update for admin and login url
* Typos fix
* Compatibility for diferent environments, when WordPress deployed in a domain root, a subdirectory, or it’s own folder https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

= 1.4.6.6 =
* Fixed rewrite ens slashes for wp-login.php and wp-admin components

= 1.4.6.5 =
* Fixed hardcoded wp-register.php within rewrite – root files component
* Updated components to rewrite_base / rewrite_to system
* Improved components: Rewrite – WP Includes, Rewrite – WP Content, Rewrite – Plugins, Rewrite – Uploads, Rewrite – Comments, Rewrite – Root Files, Admin – wp-login.php, Admin – Admin Url
* Typo fix environemnt to environment
* New Component – Remove Shortlink Meta
* New Component – Remove new line carriage
* Apply relative paths change on styles only if main theme / child theme rewrite slug is not empty
* Improved interface errors and warnings transient structure
* Use ABSPATH and Environemnt data to create file path for file processing, instead just ABSPATH, for better compatibility

= 1.4.5.6 =
* Prevent the wp-register.php redirect to new login page when using block
* Prepare plugin for Composer package
* URL Slash description update
* xml_rpc_path add php_extension_required validation
* File processor use ABSPATH instead DOCUMENT_ROOT environment variable to avoid different paths on certain systems
* Allow path structure to be used for New Theme Path and Child – New Theme Path

= 1.4.5.1 =
* Media Galery src images fix
* Use separate variables for holding replacements to avoid key overwrite

= 1.4.5 =
* Add replacements for urls which does not contain explicit protocol e.g. http: or https:
* Avada cache URLs replacements support
* Fix processing_order for specific root files
* Ignore wp-register.php when blocking other wp-* files
* Fixed wp-register.php block
* Check for replacements on url encoded links
* Show message notices on General/HTML -> Html for options which may interfere with themes.
* sanitize_file_path_name fix when slug include a file type extension
* Prevent redirect to new url when accessing links through www
* New component Feeds
* Windows – Global file process rewrite rules update

= 1.4.4.4 =
* If no server type identification possible, try to check for .htaccess file
* Improved .htaccess search mod, Use preg_grep for identify the begin and end of WordPress rules
* Output notice when no supported server was found
* Use separate block of rules for .htaccess file, outside of WordPress lines
* Improved server htaccess support check
* Moved WPH_CACHE_PATH constant declaration from mu loader to wph class
* Use shutdown hock instead wp_loaded when plugin inline updated
* Use FS_CHMOD_FILE for $wp_filesystem->put_contents

= 1.4.4.2 =
* Fixed default wp-content block
* Updated compatibility with WP Fastest Cache
* Fixed wp-content replacement
Continue reading

Revert the media files urls to default format

Note! This is addressed for user who used early staging versions of WP Hide. At the moment, none of urls are being saved on database, everything is processed when being outputted.

Per plugin Documentation at Rewrite – Uploads when used the “Block uploads URL” option, Once the uploads url being changed, this will block any access to old URL’s format, which otherwise are still available. If this feature is turned on, all new images inserted within posts (or any custom post type) will use the new URL format. Continue reading

Scroll to top