Cloud Panel Server – WP Ghost Setup Guide (Nginx Vhost Configuration)

Quick summary: Set the server type to Cloud Panel in WP Ghost, configure your custom paths, then add the hidemywp.conf include directive to your Cloud Panel Vhost file above the {{settings}} line. Restart Nginx to apply.

Why Cloud Panel Needs Extra Configuration

Cloud Panel is a free hosting control panel that runs Nginx, MySQL, and PHP. It is popular for VPS deployments. Because Cloud Panel uses Nginx instead of Apache, WP Ghost cannot write to an .htaccess file the way it does on Apache servers. Instead, WP Ghost generates a separate config file called hidemywp.conf that contains all the Nginx rewrite rules. You need to tell Cloud Panel to load this file by adding one line to your site’s Vhost configuration.

Once that is done, every WP Ghost feature works on Cloud Panel: path security, firewall, brute force protection, 2FA, security headers, and more. The only exception is the custom wp-admin path, which has a known limitation on this server type.

Before You Begin

Make sure you have these three things ready before starting: a Cloud Panel server with Nginx installed (this is the default Cloud Panel configuration), a WordPress site running on Cloud Panel, and administrator access to both your WordPress dashboard and the Cloud Panel admin interface.

How to Set Up WP Ghost on Cloud Panel

Step 1: Install WP Ghost

Install WP Ghost like any other WordPress plugin. You can install the free version from the WordPress plugin directory or the Premium version from your WP Ghost account. For detailed instructions, see the WP Ghost installation guide.

Step 2: Set Server Type to Cloud Panel

WP Ghost auto-detects most server types, but on Cloud Panel you should set it manually to make sure the correct rewrite rule format is generated.

1. Go to WP Ghost > Advanced > Compatibility.

2. Find the Server type dropdown.

3. Select Cloud Panel.

4. Click Save.

Step 3: Configure Custom Paths

Now set up your path security:

1. Go to WP Ghost > Change Paths.

2. Select your security level. Lite Mode is recommended for Cloud Panel because of the wp-admin limitation. Ghost Mode also works, but keep in mind that the custom wp-admin path will redirect to the default on login.

3. Customize the paths you want to change (login, plugins, themes, uploads, REST API, etc.).

4. Click Save.

After saving, WP Ghost generates the rewrite rules and writes them to the hidemywp.conf file in your WordPress root directory. You will see a notification telling you to include this file in your Cloud Panel Vhost configuration.

Step 4: Add the Include Directive to the Vhost File

This is the Cloud Panel-specific step. You need to manually tell Nginx to load WP Ghost’s config file.

1. Log in to your Cloud Panel admin interface.

2. Go to your site and open the Vhost editor (usually under Settings > Vhost).

3. Find the {{settings}} line in the Vhost configuration.

4. Add the include directive above the {{settings}} line:

include /home/clp/htdocs/yoursite.com/hidemywp.conf;
{{settings}}

Replace the path with your actual WordPress installation directory. The default Cloud Panel path is typically /home/clp/htdocs/yoursite.com/.

5. Save the Vhost file.

Important: The include directive must go above the {{settings}} line, not below. The {{settings}} placeholder is where Cloud Panel injects its own server configuration. Placing the WP Ghost rules above ensures they load before Cloud Panel’s defaults take over.

Step 5: Restart Nginx

Restart Nginx from the Cloud Panel admin interface. You can find the restart option under Services or by clicking the restart button after saving the Vhost. Alternatively, run the restart command via SSH.

Nginx loads its configuration at startup and keeps it in memory. Without a restart, the new rewrite rules will not take effect.

Step 6: Verify the Setup

After restarting Nginx, test that everything works:

1. Visit your site’s homepage and confirm it loads normally.

2. Try your custom login URL – it should load the login page.

3. Try accessing the default /wp-login.php – it should return a 404 error.

4. In WP Ghost, click “Yes, it’s working” on the frontend test notification.

5. Run a Security Check to verify your full configuration.

Cloud Panel Limitations

There is one known limitation on Cloud Panel: the custom wp-admin path is not fully supported. If you set a custom wp-admin path, you may still be redirected to the default /wp-admin after login. This happens because Cloud Panel’s Vhost structure does not allow Nginx to rewrite the wp-admin path consistently. The login path change works fine – this limitation only affects the wp-admin directory rename.

The recommended approach is to use Lite Mode (which keeps wp-admin at the default path) or to focus on changing the login path, plugin paths, theme paths, and uploads paths. These all work correctly on Cloud Panel and still provide significant attack surface reduction.

Every other WP Ghost feature works fully on Cloud Panel: brute force protection, 2FA, security headers, 7G/8G firewall, and all other path changes.

Troubleshooting

Custom paths return 404 after saving

You probably have not added the include directive to the Vhost file yet, or you forgot to restart Nginx. Go to your Cloud Panel Vhost editor, verify the include /path/to/hidemywp.conf; line is present above {{settings}}, save, and restart Nginx.

Nginx fails to start after editing the Vhost

The most common cause is a wrong file path in the include directive or a missing semicolon. Make sure the path matches your actual WordPress installation directory and the line ends with a semicolon. If you are unsure of the path, SSH into your server and run find / -name "hidemywp.conf" 2>/dev/null to locate the file.

Locked out of WordPress after configuration

Use the Safe URL parameter to bypass WP Ghost temporarily. If that does not work, follow the emergency disable guide to recover access via FTP or SSH.

Frequently Asked Questions

Do I need to restart Nginx every time I save WP Ghost settings?

Yes. Nginx loads its configuration at startup and keeps it in memory. Whenever WP Ghost updates the hidemywp.conf file (which happens any time you save Change Paths settings), you need to restart Nginx for the new rules to take effect. Use the restart button in Cloud Panel or run the restart command via SSH.

Is Cloud Panel the same as CyberPanel?

No. Cloud Panel uses Nginx by default and is made by Hetzner. CyberPanel uses OpenLiteSpeed by default. They have different Vhost configurations and different ways of handling rewrite rules. If you are on CyberPanel, see the OpenLiteSpeed .htaccess setup guide instead.

Is the include directive a one-time setup?

Yes. The include line references the hidemywp.conf file, which WP Ghost updates automatically when you save settings. You only add the include line once. However, you still need to restart Nginx after every change to WP Ghost path settings so the updated rules get loaded.

Does this work with WooCommerce?

Yes. WP Ghost is fully compatible with WooCommerce on Cloud Panel. Cart, checkout, product pages, and customer accounts all work normally with this configuration.

Does WP Ghost modify WordPress core files?

No. WP Ghost writes rewrite rules to hidemywp.conf (a separate config file in your WordPress directory) and uses WordPress hooks for application-level changes. No core files are modified. Deactivating WP Ghost restores all defaults instantly.

Related Tutorials

For more server configuration guides and related setup topics:

Setup WP Ghost on Nginx Server – Standard Nginx configuration for WP Ghost.

Add Custom Config File for Nginx – Alternative location for the WP Ghost config file.

Disable WP Ghost in Case of Error – Emergency recovery steps if rewrite rules cause issues.

Install WP Ghost Plugin – Step-by-step installation guide for the free and premium versions.

Website Security Check – Run a full security scan to verify your WP Ghost configuration.