WP Hide & Security Enhancer plugin conflict

  • Hey,

    your plugin is absolutely fantastic!

    I found a small bug related to the plugin called “WP Hide & Security Enhancer”.

    First I set up your plugin with CF. Everything works.

    When I turn on the Security plugin (which changes and hides routes and common wp directories) your plugin seems to loose some css on the admin interface. Also I can’t turn on or off CF.

    I figured out this plugin caused the conflict.

    Maybe you guys can work on this on both sides to figure something out. Both plugins are great and would be so cool to use them together!

    Thanks a lot.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor iSaumya

    (@isaumya)

    Hi @mitrillhu,
    Yes this plugin adds a few CSS and JS on the admin sides for it to work. So, changing the file path URLs will cause issues. You can try using Perfmatters plugin which also has the option to change the Login path URLs, you can try that out and see if you are having the same issue with that plugin as well.

    Personally I think these URL changing plugin are just not worth it as all it does is giving you the false promise of safety. Any experienced person can figure out the URL with brute force or some other ways. The best way to secure your website admin side is not by using plugins like these but rather to adopt Zero Trust Architecture. You can look at Cloudflare Zero Trust system which has a great free tier and you can protect your site from all attacks without changing any URLs.

    Thread Starter mitrillhu

    (@mitrillhu)

    Thanks for you fast reply.

    I believe printing a few kB of css + js to the head part of the plugin admin page wouldn’t hurt in terms of speed (might also improve it) and would also make it working safely for many more plugins like this.

    The wp hide also changes the login page url but also many more wp footprints (but for free). The goal is not to beat a good hacker (wouldn’t try that with wp anyways :)) ) but a whole bunch of automatic bots that are designed to figure out if a website is built on wp or not.

    If these bots find out you have it then a massive attack might start with ip rotations and stuff. Cloudflare Zero Trust might be working for that, I will try. Thanks for the great call!

    The thing is: if these bots don’t even recognize a wp blog than you less likely get an attack. ?? So this is just another layer of safety.

    Plugin Contributor iSaumya

    (@isaumya)

    Hi @mitrillhu,
    Trust me there are many ways to figure out whether or not it’s a WP website even after changing the URL. So, these are just to make you feel safe but doesn’t help much anyways.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WP Hide & Security Enhancer plugin conflict’ is closed to new replies.