How To Change WordPress Admin Login URL For Better Security
We all know one of the most common types of hacking on WordPress is a brute force attack. In brute force attacks, a hacker attempts to try various permutations and combinations of usernames and passwords to get access to your WordPress blog.
Especially when we all know that the common WordPress admin URL is “wp-admin”, any hacker can easily get started with brute force attacking.
There are many free security WordPress plugins out there that help you prevent brute force attacks. One major step you can take is to change the WordPress admin URL. This way, hackers will not be able to find the login link and this reduces the chance of getting attacked.
Are there any WordPress plugins to change your URL?
Currently, two plugins that can be useful for this purpose. One plugin is simply used to change the login URL of WordPress from a security perspective, and the other one is for improving the user experience. So let’s learn about some useful plugins to change the WP login URL.
How To Change WP Login URL with WPS Hide Login Plugin
With over 90,000+ downloads, WPS Hide Login is the simplest and most straightforward WordPress plugin for changing the admin URL. You can install this plugin by searching for “WPS Hide Login” from your WordPress dashboard.
Once you have installed and activated the plugin, go to Settings > General to configure the options. Scroll down and at the bottom, you will see the option to configure the “WPS Hide Login” plugin.
You can put anything in the blank space and that will be your new login URL. For example, in the above screenshot, onlineshouter.com/logmein is the new WordPress admin login URL.
If you are the only person handling your blog, you can use any word that you can remember or use something like “gapsbbabby” and save this unique login URL into your browser bookmark.
The idea is to make your login page hard to discover. This way, you improve your WordPress login page security to a great extent.
It doesn’t literally rename or change any files in the core, nor does it add rewrite rules. It simply intercepts page requests and works with any WordPress website.
If you are looking to do more than simply hardening your WordPress login page security, you should look for the below-mentioned solution. This one helps in better branding of your WordPress login and register page by giving them a memorable page URL.
Change WordPress Login and Registration URL For Better Branding:
There are a few plugins that let you rename your WordPress login, register, password reset and logout URLs.
This is useful when you have a multi-author blog or are using WordPress in a way where multiple users need to regularly register or log in.
The most popular plugin is iThemes Security, however, it’s not highly recommended as this plugin offers much more than just customizing the URL of your WordPress registration and login page.
The other plugin which is developed just for renaming WordPress admin login, registration and other pages is the Custom Login URL plugin. This is another simple to use the plugin.
Once you have the plugin installed and activated, go to Settings > Permalink to configure
You can rename the login URL, registration URL, lost password URL, logout URL and authentication redirects. Authentication redirects are the URLs which users will be redirected to after logging in or logging out. A simple tweak in this area can be very effective for your WordPress blog branding and security.
From a security perspective, it’s a good idea to change your WP-admin login URL to make it hard for hackers to guess.
This will strengthen the security of your WordPress blog to a great extent. At the same time, if you are running a multi-author blog or using it in a way where you and others need to regularly interact with the login and registration page, use the other plugins to change the URL. The second option is optional, however, it is recommended to implement the first option (change your wp-admin URL) right away for better security.
Latest posts by sarah ali (see all)
- Why should you care about the Google Cloud IoT Core? - September 10, 2017
- How to Manage Ads in your WordPress Site - August 31, 2017
- How to Fix the Internal Server Error in WordPress - July 24, 2017