One of the simplest ways to improve security on your WordPress site is by changing the default /wp-admin login URL. This is a commonly attacked URL by hackers when they try to carry out brute-force attacks, but once you further customize it, they will find it much more difficult to discover and access your admin login page. So here’s an easy way to change the URL with the help of the WPS Hide Login plugin.
Why Change the /wp-admin URL?
How to Restrict Access to the Default /wp-admin and /wp-login. php URLs are very well known to hackers and they can make use of these URLs to do a brute force attack. This hides or changes the URL to your WordPress admin panel in such a way that makes it difficult for malicious users to access it.
Step 1: Install and Activate the WPS Hide Login Plugin
- Log onto your WordPress dashboard and go to Plugins > Add New.
- Look for the WPS Hide Login and click Install Now.
- After the installation, click on Activate.
Step #2 – Rename the default login URL
- Post activation, navigate to Settings > General.
- Now, scroll down to WPS Hide Login.
- In the Login URL field, enter a custom login URL (e.g., your website. com/login).
- Click Save Changes.
Step 3: Try Your New Login URL
Go back to your site and log out of your admin dashboard to make sure it’s working using the new URL (e.g., your website. com/login).
You’ll be able to log in as always but the old /wp-admin URL won’t work anymore.
Important Notes
Remember your new login URL — if you forget it, you may also not have access to your site! Please make sure that you clear your browser cache, always with a change of login URL to avoid any issue in the future.
Conclusions
Changing the default /wp-admin URL is simple but one of the best steps to secure your WordPress website. WPS Hide Login allows you to hide your admin panel from attackers easily and gives your site additional security. Stay safe and protect unauthorized users from access!
FAQS
If you forget the new login URL after changing it using the WPS Hide Login plugin, you can easily regain access to your website by deactivating the plugin. You can open your WordPress site using FTP or File Manager from your hosting control panel and go to the wp-content/plugins folder. Locate the wps-hide-login plugin folder and rename it to something else (ex: wps-hide-login_old) This will disable the plugin, and your site will return to using the default login URL, at which point you will be able to log in again and change the URL back.
Changing the login URL with WPS Hide Login does not affect your site’s functionality. It does not change anything other than the URL you access the admin login page at. There will be no changes for front-end users and visitors.
Yes, you can modify the login URL as many times as you wish. To do this, navigate to WordPress Settings > General, edit the Login URL field in WPS Hide Login plugin settings, and save it. Just note the new URL so you don't lock yourself out of your site.
Read More: Sticky Header Effects for Elementor
