F12 still shows up despite settings

??Hi Liliana,

From what you describe, most likely another plugin is interfering with the disable options. Please create a staging site and disable all plugins besides HMWP Ghost. Check with Incognito mode or another browser and see if the issue is still occurring.

If not, enable the plugins one by one until the issue appears again.

It yes, please reach back to us and we’ll see what can be done text.

Also, would you mind sending us a screenshot of the settings you have under Tweaks > Disable Options? To see what you have setup on the plugin.

Hi, @petersquirrly and thanks a lot for your feedback!!

I have followed the steps you indicated and unfortunately the issue persists.

I started deactivating the plugins one by one. The moment I deactivated Hide my WP Ghost the page went completely blank (total white) except for the Buttom. The light blue Button was the only thing visible at least in Chrome. (Edge was apparently still displaying the entire site, however I′m not too sure if this was a cached site).

Then I started re-activating plugins one by one. Again: the moment I re-activated Hide my WP GHost the site was again displaying all its content as expected except for the issue in the button (which remains in light blue)

Apparently the problem is with the buttons that had been originally set to green. All of them are now displaying in light blue. (I think it is the default blue of Elementor.)

This issue is replicating in the following pages which had its buttons originally set to color: green:
a) https://armamostuweb.com/demos/salsa-art/
b) https://armamostuweb.com/demos/arcoiris/ here header and footer Menu are also displaying in light blue

I can also confirm that a piece of Custom CSS has been lost. Completely dissappeared.

Regarding the settings I have under Tweaks > Disable Options, I have taken two screenshots that you can see here:

1. https://snipboard.io/z0UGx7.jpg
2. https://snipboard.io/mJOyR7.jpg

At the moment, and contrary to my expectations the use of F12, disable right click, disable inspect / disable copy/paste? disable view source-code, etc, are not only visible from the nav bar but also by clicking in the page itself as you may double-check from the pages I have shared above in this post. At least this happens in Chrome. Meaning that the “blocking” settings that I had configured in Hide my WP Ghost are no longer working and the whole website is vulnerable again even after having clicked the button to “restore to last configuration” and have it in Lite Mode again. The plugin did not remember the settings and it did not re-activate them after it has been reactivated.

I hope this information can help you help me as I feel insecure and fearing new issues may show up, Or that other issues are taking place right now and without my knowing.

Again, thank you very much !!!

Liliana

• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.

Thank you for the details! Here are a few things you can try out.

Note! Before going about it please save a copy of your settings from Backup/Restore.

1. Go to Tweaks > Hide Options and disable the Hide Version from Images, CSS and JS in WordPress option.

If that doesn’t help, try disabling Hide HTML Comments as well.

2. Go to Mapping > CDN and add your CND URL.
3. Go to Advanced > Compatibility > Plugin Loading Hook and select Priority loading from the drop-down list.
4. Go to Change Paths > Level of Security and make a frontend test. If it fails, you will receive instructions on how to fix it in a yellow notification at the top of the screen.
   
   In case the frontend test doesn’t appear, select Safe mode (even if it’s already selected) and save the settings. This will apply the default settings for that mode, so make sure to activate the disable options again after doing it.

Hello Peter and again, thank you so much for your help

Please allow me a couple of comments

1) Regarding the backupcopy, please notice that I have installed Hide my WpGhost in https://armamostuweb.com/demos/ . Should I have installed it in the main site: https://armamostuweb.com/ ??? (I am asking this because backup copies are generated to. the whole site https://armamostuweb.com/) Sorry, as I am not experienced at all in these matters and both, the main site and /demos have been created with WordPress

2) REGARDING CHANGES IN TWEAK, I APPOLOGIZE SINCE:

WHEN I wrote in my latest post that contrary to my expectations the use of F12, disable right click, disable inspect / disable copy/paste? disable view source-code, etc,?are not only visible from the nav bar but also by clicking in the page itself , Please forgive me for the confusion: I WAS USING A CACHE SITE!!! Most settings are still working; For instance: right-click is disabled. So, given the fact that I gave you this information from a cache site, please let me know if making these changes in Tweak is at all necessary

But still, If you go to any site and press F12 or Ctrl +U in the nav bar, you will still have information as everything is displayed. (a)?https://armamostuweb.com/demos/salsa-art/
b)?https://armamostuweb.com/demos/arcoiris/)

Example: I have replaced “core” for “heart” and the page displaying ej: https://armamostuweb.com/demos/heart/ver/9dbb40d076/assets/js/minified/frontend.min.js

While I don′t understand what exactly is the page saying, I have the feeling that in the end things are not being completely hidden. (especially for hackers knowing this plugin)

Because the changes I will now have to make (following your instructions) are a bit complicated, for me, and risky too, please let me know the safest way to completely remove HideMyWPGhost without causing any trouble. (I had made a .htaccess backup copy before installing the plugin, )

It is , of course, a lot easier for me to set the buttons color and menu fonts color to green again, but I am unconfortable as to what the plugin may do in the future. I hope you understand me.

Again thanks a lot in advance!!

Liliana

• This reply was modified 10 months ago by aflorarte.

Sorry to come to you again, but I think I′d rather deactivate the plugin in the SAFEST way posssible. that you can suggest. Do I have to follow this instruction?? “Copy the?SAFE URL?and use it to deactivate all the custom paths if you can’t login.https://armamostuweb.com/demos/wp-login.php?VmhlSdApqkGXUeBR=MGaBQzSRWmPxhjnL Please let me know the “howto” here.

Today I found that I can no longer import Envato templates as the plugin seems to search for wp- admin and my dashboard is now “my-administrator” I get the following:

I have refreshed everything as indicated and tried importing from both : https://armamostuweb.com/demos/my-administrador/admin.php?page=envato-elements#/template-kits/installed-kits/kit/7217 AND FROM https://armamostuweb.com/demos/wp-admin/admin.php?page=envato-elements#/template-kits/installed-kits/kit/7217 and the problem persists.

I don′t know what other issues I can get with other plugins but here is what I am currently getting when I try to import an Envato template:

Unexpected Error

Sorry there was an unexpected error from API call:SyntaxError: Unexpected non-whitespace character after JSON at position 131 (line 1 column 132). {“imported_template_id”:7632,”edit_url”:”https:\/\/armamostuweb.com\/demos\/my-administrador\/post.php?post=7632&action=elementor”}<br /> <b>Warning</b>: Cannot modify header information – headers al

DEBUG DETAILS:

{"imported_template_id":7632,"edit_url":"https:\/\/armamostuweb.com\/demos\/my-administrador\/post.php?post=7632&action=elementor"}

Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462



Warning: Cannot modify header information - headers already sent by (output started at /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-includes/functions.php:5373) in /home/u937099556/domains/armamostuweb.com/public_html/demos/wp-content/plugins/nitropack/functions.php on line 3462

• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.

1. So https://armamostuweb.com/demos/ and https://armamostuweb.com are two different websites? As normally you would add only the domain https://armamostuweb.com and everything you do on it will also apply to /demos as well, as I would say that /demos is just a page from your site and not an entirely different site (correct me if I’m mistaken).
2. I don’t believe that the options from tweaks are required anymore.
   
   However, regarding that F12 and CTR+U, please go to Tweaks > Disable Options and enable ‘Blank SCreen on Debugging’. That should display a blank screen when those combos are used.
   
   Now, hiding a path by replacing ‘core’ for ‘heart’ doesn’t mean that the page cannot be accessed or found anymore. It is hidden by obscuring the paths.
   
   Let’s take for example the login path /wp-login.php. Anybody who was a wordpress site knows this path, and you can go and access this path for any wordpress site. But with HMWP Ghost you can hide it by redirecting the login path so something else, such as /newlogin. When somebody tries to access /wp-login.php will be redirected to the homepage so it won’t be able to access it. If they don’t know the new path, there is no way they will be able to find it. This is the same thing for heart.
   
   If you wish to remove the changes our plugin does, simply deactivate it and everything will go back to default as it was before using our plugin, so there is no special method of doing it.

Hi there! and many thanks again, Peter

Clarifying: armamostuweb.com is a WordPress site, the main site. armamostuweb.com/demos is another WordPress site. It is in this subdirectory where I activated the plugin

I tried as you say regarding that F12 and CTR+U, please go to Tweaks > Disable Options and enable ‘Blank SCreen on Debugging’. That should display a blank screen when those combos are used. F12 is working. Ctrl+U is not working, it keeps on displaying all source-code.

I will be trying everything before uninstalling the plugin which I find so valuable. So, rbefore uninstalling it, regarding the Error that I am encountering with Envato templates. (I posted the Debug details above) What should I do in order to be able to insert a template?

Regarding uninstalling, I found some warnings somewhere , Eg. “

What do I need to do before I deactivate the plugin?
It’s better to switch to Default Mode in Settings > Hide My WP.”

and a couple more , one of which, I remember, warned about the .htaccess file (which is apparently editted by the plugin,, if I did not missunderstand the warning). But the rest, unfortunately, I don′t know where I read them, I cannot get back to them, so that is why I am asking

Thanks again!

Liliana

• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.
• This reply was modified 10 months ago by aflorarte.

Our apologies for the late response. The developer Bar and Source Code are 2 different things.

If you set Disable to View Source, then the Control + U shortcode should not work.

But on the view source page we can’t make it blank because it’s in another tab where you can’t intervene via javascript.

What you can try is to put blank lines to move everything below if you add this code in functions:

add_filter(‘hmwp_buffer’, function($buffer){ return str_repeat(“\n”,100).$buffer;});

Hello again, Peter

I understand then about F12 and Control + U shortcode, thank you!

I am still interested in using the program so I would ask you to clarify about editing a given page as I see that changes many times don′t show up.

Should I edit from https://armamostuweb.com/demos/wp-admin/ or from https://armamostuweb.com/demos/my-administrator

My experience was that on trying to edit a page with Elementor, editor automatically opened in https://armamostuweb.com/demos/my-administrador/post.php?post=2285&action=elementor

But then I could see that changes (animations) made from that url were not being displayed,

Further investigating, I could see that these changes made from …/my-administrator/ were not being taken from https://armamostuweb.com/demos/wp-admin/post.php?post=2285&action=elementor . So these two had different settings for the same page, each of them with a different animation for the same element.

Another issue I saw is that in page settings, from https://armamostuweb.com/demos/my-administrador/post.php?post=2285&action=edit is set to “Private” but I had previously set this page to “password protected” from https://armamostuweb.com/demos/wp-admin/post.p hp?post=2285&action=edit so I could not open the page in my testing it from Incognito. This is a bit confusing for me. I was forced to make every change twice (wp-admin & my-administrator) in order for the page to display as expected.

Unfortunately I couldnt identify if all this is a cache problem . I cleared it both in my pc and with Nitropack in WordPress site.

Hope you can guide me in this issue, too so that I learn how to work on the site and safely make changes while?Hide My WP Ghost is set to active

Thank you in advance!

Liliana

If you have set custom wp-admin you’ll need to that path, because when submitting the form the referrer path is checked and it doesn’t match. If you have wp-admin under Hide My WP > Admin Security > Custom wp-admin path, then use wp-admin. If you have wp-administrator, then it’s important to use wp-administrator when submitting to Page Builders.

So to reiterate, you’ll always use the path you have setup under Admin Security > Custom wp-admin path.

This is how security works. If the referrer page in the URL does not match the referrer page when sending data to be saved, then a security trigger is made.

Hey, Peter

Ok, sorry as I am still not too sure if in my case every change will have to be made from my custom admin path: “my-administrador” as I have hidden all 3 options showing up in Admin Security tab.

1. Hide “wp-admin”, —>yes
2. Hide “wp-admin from non Admin users—>yes
3. Hide the new admin path—>yes
   

Please let me know if I have to make any changes here.

What will happen as of now to the changes I am currently making? if I decide to remove the plugin?

You have indicated above that removing it will turn everything back to normal, But because I am now editing I need to know if there are any suggestions of things to be made prior to removing it in case I need to disable the plugin, either as a temporary disable or if I find more problems and decide to stop using it. So, if you could please let me know how to secure/protect the changes I am currently making, I will be so much grateful !

Thank you so much for you patience, Peter! I appreciate it very much and I appologize for so many questions but I would still like to benefit from this plugin, I am well aware that it is a fantastic resource ??

Liliana

• This reply was modified 9 months, 2 weeks ago by aflorarte.
• This reply was modified 9 months, 2 weeks ago by aflorarte.

If the wp-admin path is changed (see screenshot), and NOT if Hide “wp-admin” is active (I mean, it can be active, but that option doesn’t have any connection to the conversation so it’s irrelevant), on your backend, you should have the custom wp-admin used.

I’m not quite sure how you were using both paths, were you changing it on the URL? As that’s not a good practice and shouldn’t be doing that.

As for what will happen when removing the plugin, it will revert everything to default as you had before installing it, without affecting in any way your website.

This is how it should work. Make any changes to the HMWP Ghost plugin as you want, and continue working on your website as usual without any worries, just like HMWP Ghost wouldn’t be there. The purpose of our plugin is to keep your website protected from hackers and bot future attacks while running in the background without interfering with your day-by-day work.

To ensure that your website is secure, go to Hide My WP > Security Check and resolve all failed tasks based on the provided instructions. For an extra step, here you have an article with best practices.

Thank you very much Peter.

Yes, according to the screenshot (see screenshot), mine is changed to “my administrador!, And yes I have been changing from the NAV bar: I replaced “my-administrador for wp-admin and made the changes. As I understand it that is not a good practice, so I will be making all changes from custom “my-administrador”,

I hope I have fully understood and again thanks a lot for your help!

Liliana

Yes, it’s not a good practice at all to change the paths from the NAV bar and we recommend leaving them always as they are, as it won’t cause any issues.

Should anything else pop up, we are here at your assistance.

Understood! ??

I will set this query as resolved or the moment, Peter, I appreciate your help very much!