Hide WordPress Site
Security. The only reasonable explanation.
We simply take into account the fact that a WordPress site is an interesting target for bad guys, hackers, and we observed this for a long time, in almost all the WordPress installations we or our customers have done. Once a WordPress site goes live it becomes a target. That’s the fact. We also noticed that live sites in development, with the choice to make them hidden from Search Engines, still are being hit as soon as they are online. Activate WooCommerce or another e-commerce platform with an active payment processor and the attacks rise more and more.
We are not saying that WordPress is a not secure platform. But WordPress site owners make mistakes, from using weak password, to installing it in not a secure environment, to using unsecure plugins, or well known plugins always under attack.
Your hosting provider will be really happy to assist you preventing this problem and will offer you a dedicated DDoS protection package. Sadly not for free. And that still will not solve everything.
Completely hiding the WordPress installation helps in increasing the overall security of your WordPress site. And if that is done in a local installation before going live, leaving no traces of the past WordPress install, well, that’s better. For sure an expert manually inspecting the hidden WP site will guess that there is WordPress under the hood. But hackers use automated tools to discover their catch, doing the faster and obvious checks, looking for the usual traces WP leaves.
Hide WordPress, hide wp-admin, hide standard login pages, hide the plugins, hide the theme.
There are a couple of tools that help hiding WordPress, still there are a lot of complaints about their use. A lot of people buy them, them leave awful comments just because they can’t get it to work the way they wanted or imagined.
Knowledge is required. No magic one click button tool. Sorry.
We learnt how to use the best tools, how to tweak them and how to solve this need. We know far well how WordPress is made, how theme and plugins are made. So we know what has to be done to hide the WordPress installation in a safe and harmless way. A lot of work as to be made on the server side, .htaccess editings the most of the time, and that’s the part where it is too easy to commit a mistake or generate some conflict and make the site performance drop. And we are not talking about the mistakes that leads to HTTP Error 500 Internal Server Error, those mistakes are immediately visible, undo the customization is the fix.
About site performance.
In a normal server no noticeable slow down is shown.
With a very poor server, maybe 200ms delay can be observed, but with hundreds of plugins installed and hundreds of internal rewritings on html, after the php render and before serving the page to the browser. But in this poor environment each plugin can add a noticeable delay.