search ]

How to Change the WordPress admin URL (Login URL)

One of the most popular ways to breach WordPress sites is a Brute Force Attack. In this type of attack, hackers try many combinations of usernames and passwords in order to enter the WordPress admin interface.

Especially when everyone knows that the URL address to the WordPress dashboard is wp-admin, any hacker can easily start with the same attempt for a Brute Force Attack.

There are quite a few plugins that allow strengthening WordPress security and there are also quite a few security actions you can take to prevent such incidents. One of the steps that can be taken is to change the URL address to the WordPress dashboard. In this way, hackers won’t be able to find the link to the admin interface, significantly reducing the chance of such a breach.

In this short guide, we will see how to change the URL for the WordPress login screen using a plugin. As you know, I usually avoid using plugins, but in this case, all my attempts to find a solution to change the Login URL by myself failed.

Moreover, and whether you noticed or not – in most cases where I present alternatives to plugins through code, those solutions are Front-End level and less at the level of the WordPress admin interface (although there are also such posts on the blog). So there are situations where plugins do an excellent job, and changing the login url is exactly the case…

Changing the WordPress Access Address Using WPS Hide Login

With over 200,000+ active installations and a rating close to five stars, the WPS Hide Login plugin is the simplest, lightweight, and most convenient one for changing the url to the dashboard (and I’ve tested several plugins).

WPS Hide Login Installation

You can install it by searching for “WPS Hide Login” from the plugins area in WordPress or simply download it from the WordPress repository. After installing this plugin, go to the plugin settings that appear under Settings > General at the bottom of the page.

You can write whatever you want under Login URL in the plugin settings, for example, connect, logmein, admin, and anything that comes to your mind, but remember that the whole purpose is to ensure that the URL address to your WordPress site is hard to crack.

WHS Hide Login Settings

The plugin requires WordPress version 4.1 and above and of course, it does not change anything in the WordPress core files. The plugin also does not add any “rule” to the htaccess file and everything related to site login, such as registration, password recovery, etc., will continue to work as usual.

It simply “redirects” requests to the mentioned page and works great on every WordPress site without any special effort. Disabling the plugin returns your site exactly to the state it was in before activating the plugin.

Note – the plugin works on Multisite sites, but it’s important to note that it has not been tested on sites that are on a subdomain (that’s why I don’t use it on Savvy Blog).

Does the plugin cause problems with caching (cache memory) plugins?

Let’s say that the WPS Hide Login plugin supports any other plugin that hooks to the same login form. BuddyPress, bbPress, Limit Login Attempts are a few examples of plugins supported by it.

If you are using a cache plugin that is not WP-Rocket, you will probably need to add the identifier (slug) of the new url to the list of addresses not included in the cache. WP-Rocket fully supports this plugin without any action needed.

If you are using plugins like WP Total Cache or WP Super Cache, the WPS Hide Login plugin will display a message with a link to the field you need to update.

Conclusion<strong> </strong>

From a security perspective, it would be correct to change the wp-admin url to make it difficult for hackers to breach your site. If you are at the stage where you are concerned about securing your WordPress site, take a look at the guide in the category of WordPress Site Security and find there quite a few posts on security.

 

Roee Yossef
Roee Yossef

I develop pixel-perfect custom WordPress themes, delivering high-performance, SEO-optimized websites. Have a project in mind? need assistance? Feel free to contact me!

0 Comments...

Leave a Comment

To add code, use the buttons below. For instance, click the PHP button to insert PHP code within the shortcode. If you notice any typos, please let us know!