Hi Support Team !

I’m experiencing an issue where the LiteSpeed Cache Crawler and QUIC.cloud functionalities stop working whenever the Hide My WP Ghost plugin is activated. I’ve tried several configurations to allow LiteSpeed API routes and REST API paths, but the problem persists, even under minimal security settings in Hide My WP Ghost.

I noticed that if I set the Security Level to “Deactivated” instead of “Light Mode,” the LiteSpeed Crawler and QUIC.cloud start working again. My setup uses OpenLiteSpeed as the web server.

Steps to Reproduce

1.  Activate Hide My WP Ghost plugin on my WordPress site.
2.  Set Protection Mode to Light.
3.  Change wp-admin path to a custom path, such as /adm.
4.  In Hide My WP Ghost settings:
?   Whitelist common REST API paths and LiteSpeed Cache API routes:
?   /wp-json/
?   /wp-json/litespeed/
?   /wp-admin/admin-ajax.php
?   /sitemap.xml
?   /sitemap_index.xml
?   Add localhost, 127.0.0.1, and the server’s IP to the whitelist.
5.  Go to LiteSpeed Cache > Crawler and manually click Start under the cron settings.
6.  Observe that the crawler does not start unless the Hide My WP Ghost plugin is either disabled or Security Level is set to “Deactivated”.

Expected Behavior

LiteSpeed Cache Crawler and QUIC.cloud API functionalities should work normally with Hide My WP Ghost active, especially when REST API paths and LiteSpeed-specific routes are whitelisted.

Actual Behavior

When Hide My WP Ghost is activated with Security Level set to “Light” (or higher), the LiteSpeed Cache Crawler and QUIC.cloud services cannot function, resulting in failures to reach necessary API routes (e.g., /wp-json/litespeed/v1/cdn_status). This happens regardless of settings adjustments, such as lowering protection levels, setting default paths for wp-json, and fully whitelisting the necessary routes and server IPs.

Additional Information

?   WordPress Version: 6.6.2
?   LiteSpeed Cache Version: 6.5.2
?   Hide My WP Ghost Version: 5.3.02
?   Web Server: OpenLiteSpeed
?   QUIC.cloud: Active

Thank you for your assistance! I’d appreciate any guidance on compatibility settings or configuration adjustments to resolve this issue.

Hi ;)!

How can I enable 2FA (mail) for a given user using mysql command? I am using the 2FA addon.

Hello,
I can see you have a shortcode [hmwp_bruteforce] to integrate it with other login forms, this is on the wp-admin end though, what about when dealing directly with php files what should be the script we use ?

Rgds,

The website crash after activating Wp-rocket lazyload background css images and empty the casche also all css files url in the consoles give 404 error

Hi, I am trying to use WP Ghost and Nitropack, as of Nitropack support there is a conflict which could have led to it being incompatible with their resource loader script. It is because the changing theme URL and Plugin. Is there a solution to prevent it? Or my only solution is disabled the feature?

• This topic was modified 1 month, 1 week ago by Aaron.

Dear Sirs,

I have checked that the https://reportsostenibilita.aqp.it/wp-login is not hidden as it should be. Do you have possibility to help me?

With regards, GF

I have an Advanced Accordion widget from the Essential Addon Plugin in this page but when Hyde My WP is active it doesn’t work. When you click on the items they don’t open.

Is there a way to make it work?

Thanks

Hello, After activating Lite Mode on my website, I encountered the following error message:

“There has been a critical error on this website. Please check your site admin email inbox for instructions.”

I would appreciate any guidance or troubleshooting steps to address the problem.

• This topic was modified 2 months ago by Benfellah.

After successful payment (Using metaps payment credit card), the order status is not updated.

I have inactive hidemyghortwp, it works fine.

How to restrict other user roles from access ?

Thanks

need headers compliant, recommend A Scores

reference:

https://observatory.mozilla.org/

https://csp-evaluator.withgoogle.com/

I’m using siteguard plugin for Recapcha.
but after enabled HMWPG, recapcha is not showing.
how can i fix this?

this folder
plugins/siteguard/really-simple-captcha

Are the 8G firewall rules compatible with NGINX? I assume the config can’t be modified directly from the plugin since the configs are server level and outside public_html since there is no equivalent of .htaccess, do I have to manually add configuration rules to a config file?

The plugin is working well as it says. However after installing and activating (without activating Light mode yet), there is a bug: a language class is missing inside <html> tag at top on all php pages similar to:

<!--[if !(IE 7) | !(IE 8)]><!--><html lang="en-US" class="lang-en_US "><!--<![endif]-->

The above line has gone missing which causes CSS and font to be displayed not correctly for multi-langual websites.

I have tried to turn off Text Mapping in the plugin setting, but that issue is not fixed.

Can you please advise how to fix it?

Very appreciate your support.

• This topic was modified 3 months, 2 weeks ago by daro2013.
• This topic was modified 3 months, 2 weeks ago by daro2013.
• This topic was modified 3 months, 2 weeks ago by daro2013.

BruteForce is not compatible with, not even the shortcode:

https://www.ads-software.com/plugins/userswp/

Hi,

I keep getting this error:

“There is a configuration error in the plugin. Please Save the settings again and follow the instruction.”

I tried to deactivate it and re-install it but this error persists

If I delete its database tables then re-install the plugin?
how are they called in the database?

We use Windows IIS server and the WordFence plugin is fully working

How do I fix it?
Let me know soon, thanks
Best regards,

Hi,

I have been using the HMWP plugin for a long time now, and it is amazing and easy to use. I am also using the pro version. Today, I faced an issue and need your guidance on how to solve it.

Basically, I am using a custom plugin for WooCommerce that helps users select different cities in the checkout section. The city list is in a text file. A few hours ago, I was working on changing paths and permissions. I must have done something related to changing permissions or paths, and now users can’t see the cities list in the checkout. When I deactivated the plugin, the cities list appeared again.

Please guide me on which feature or option I should disable so I can start using the plugin again.

Thanks!

Hello,

I’m new Hide My Ghost, but have been using it on a site that was having a lot of hack attempts and love it. I have noticed over the last few months that everytime Hide My Ghost is updated I get a Medium Severity Problem warning from Wordfence for 20+ files related to Hide My Ghost.

When I login to read the issue this is what Wordfence has in its Details: This file belongs to plugin “Hide My WP Ghost Lite” version “5.1.03” and has been modified from the file that is distributed by www.ads-software.com for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don’t manage their code correctly.

Is this normal? Or is there something I need to change?

Hello, Hide My WP wordpress multisite works well and this is really great, but in the brute force feature, the woocommerce option is only used for the customer login and registration form. Woocommerce is enabled on all subsites and I want to enable captcha protection for the woocommerce product evaluation form. How can I do that?

While using your plugin, I encountered an exception in the file Firewall.php:

Warning: preg_match(): Unknown modifier ‘g’ in /home/c/co15355/wordpress/public_html/wp-content/plugins/hide-my-wp/controllers/Firewall.php on line 849

The source is line 796: ‘@^searchbot [email protected]$@’,
Where @google.com is not escaped!

Please fix this issue!
Thank you!

I have found an issue/bug with the latest 8G Firewall feature that collides with Elementor. I wasn’t sure where to submit the information, so hoping this is a good place to send it.

I noticed after activating the 8G Firewall, I am no longer able to edit my Elementor Pages. It instead gives me a 403 Access Denied error, and does not allow me to preview the page, edit it, or even access it from the public internet.

At first I thought it may have been a server-side issue, and went through all the normal troubleshooting processes of deleting and re-generating my htaccess, checking permissions of everything, etc.

It wasn’t until I finally disabled all my plugins and re-enabled one by one, where after re-activating everything, I couldn’t duplicate the issue. Then I noticed I had the notification to activate the 8G Firewall.

After activating the 8G Firewall, I began receiving the same errors with Elementor. I then downgraded to the 7G Firewall, and the issue resolved. When I turned 8G back on, the issue came back.

I hope this is helpful!

Thank you.

Hi i am using this great plugin and i am very happy with it .

recently i my user ecountered a issues related to password reset.

my wordpress is not allowing customers to reset their password.

error: Passoword reset is not allowed for this user.

Please guide me how to solve this

screenshot https://snipboard.io/ERX8Nz.jpg

I had installed this plugin on my website for security measures. I changed the default WordPress paths, which are done through the plugin’s settings by default. However, now I’m getting errors on the Search Console. I also tried redirecting these URLs to the home page, but that isn’t working either. Can someone tell me what the issue might be?

Below are some links you can refer to these links are redirected to home page:

https://www.poshequili.com/storage/2021/01/30-Jul-2020-–-Compliance-Implementation-of-Law-against-Sexual-Harassment-in-the-New-Normal-1.webp
https://www.poshequili.com/storage/2023/11/Preceding-the-POSH-Act-2013.webp
https://www.poshequili.com/storage/2024/03/Impact-of-Tamil-Nadus-TiC-Initi.webp
https://www.poshequili.com/storage/2023/11/Appeal-Under-POSH-Act-to-Departm.webp

I want to resolve search console errors, kindly tell me how can resolve those errors without remove this settings security path settings.

Hi, I have a custom perl script that is executed on every page on my WP installs, but installing Hide My WP is disabling the execution (it no longer executes or produces any output). Is there a way to not interfere with this perl script execution?

Here’s what my request looks like, located within the footer of the theme template:
<?php
shell_exec("/usr/bin/perl /home/httpd/html/domain.com/cgi-bin/script.cgi");
?>

Disabling Hide My WP and the above executes from every WP page. With Hide My WP running, the above request is removed entirely and not being processed. I’m not sure if the entire cgi-bin path is being disabled or something else is being blocked while Hide My IP is running, but I require access to this specific script on all pages.

Thank you.

We are migrating our website to a new Ubuntu server. We have verified that the Apache server works correctly, the files and database have been migrated and the pertinent changes have been made to be able to test locally from a web browser.

You can access wp-login.php without any problem, but when entering the username and password, there is an error (The requested URL was not found on this server) when trying to redirect to the URL that was configured in the Hide My WP plugin on the web server that is currently in production.

We have tried deactivating the plugin from the database and deleting it from the FTP plugins folder, but it generates errors. I can’t deactivate it from the administrator because it won’t let me enter the plugin itself. How could I deactivate or delete it?

Thank you so much.

I installed Hide my Wp to a site and WP Engine added the rules as indicated. This appears to have broken the website. I have disabled the plugin and am contacting on the instruction of WP Engine to investigate the conflict. Any help would be appreciated. As a note I also added Sucuri to add a WAF firewall for extra protection if that helps.

I’ve had to disable this plugin. Plugin rocking good unitl I got everything set up and the recaptcha comes in sometimes on testing, but consistently H captcha shows up on the login. I’ve reached out to hcaptcha because I can’t log in to their site to get my keys, but the keys show up in this plugin, but I can’t access where to remove hcaptcha keys. Your details page does not mention hcaptcha and I only wanted to use recaptcha. tech support found in the files of the plugin file.exe hcaptcha.php file.

Is this file supposed to be in there? Thank you.

Hello @Hide My WP Ghost,

Around two days ago I have deactivated and deleted HMWG, but today from my plugin of “301 Redirects” there’re still some 404 errors come out time by time, is there anything you can help to figure this out? here’s a screenshot of the newest error log just now.

https://snipboard.io/MrqJ9e.jpg

Wondering is there anything of code in our database can not be cleaned?

Thanks in advance!

• This topic was modified 8 months ago by everpromos.
• This topic was modified 8 months ago by everpromos.
• This topic was modified 8 months ago by everpromos.

Hi I am having an issue with the Commbank Simplify plugin. Customers try to pay via card but are not able to for some reason. Would it be a url change that it isn’t working?
Thanks

I select hide theme and all plugins but the plugins are still detected, what should I do additionally?

• This topic was modified 8 months, 2 weeks ago by vallesierra7.