It is very easy to create a website but it is also important to pay attention to your website’s security as hackers constantly try to infiltrate the backend of your website and sadly, it is very easy for them to know about your login URL. Once they know that your site is a WordPress site, they can easily guess the URL as mostly every WP installation, by default, has two login URLs: /wp-admin.php and /wp-login.php. The main reason for changing the URL is the security of your website and the second one may be related to rebranding every single element of the login experience for the users of your website. Whatever the reason may be, in this article, we will see how you can change the WordPress login URL of your WP site.
How To Change WordPress Login URL Manually
Normally, I suggest doing anything without using a plugin as the use of plugins may cause your website to get slower. But this time, I would recommend using a plugin for changing the login URL of your website. This is because changing the login URL manually has to deal with modifying some of the core files that may eventually give rise to some other issues. However, we are definitely going to discuss the manual login URL changing procedure (assuming that you do not want to use many plugins on your site). And one more thing before we go into the discussion. Though you may not use any plugin, you will still have to add certain codes to the HT access file and have to upload the same. Let us take a look at it.
Go to your root directory and start by downloading the HT access file. After downloading it, open this file in the text editor and do the changes as discussed below.
- The first and foremost thing you have to do is add a filter in your HT access file for your new WordPress login URL.
- After you are done with manually adding the above codes, you need to upload the required file (this thing should do the trick for you).
You should get a new WordPress login URL for your website which should be effective (at least it is expected) in blocking brute-force attacks and other malicious attempts of hackers that are trying to login to your website’s database using your WordPress website login page.
As I said earlier, getting a new WP login URL is always better with plugins. This is because as you are dealing with the core files, there is always a chance that some or the other problem may crop up sooner or later. That is why you have to be extremely careful while changing the WP login Url manually and have to double-check each and every step to make sure that you do not see yourself as well as your website in some other trouble. Also, you need to take a complete backup of your website before you start making any changes in the URL. This is very important because even if you mistakenly do anything wrong, you always have a chance to reload the theme back and get its original codes ‘as it is’. The manual process also requires you to do the same changes with every single update.
Considering all these factors, it is better to avoid messing with core files and go for plugins when you have to change your WP login URL.
How To Change WordPress Login URL With The Help Of a Plugin
Follow these instructions to change the WP login URL using a Plugin.
Step 1: Take Backup
With backup, I mean complete backup and not just the backup of your database (you may use ManageWP for it). Just verify if your backup is completed and make sure that it is stored in the desired location before you proceed further.
Step 2: Install And Activate The Plugin ( I Am Using Better WP Security Plugin)
Though there are many security plugins available for helping you to change WordPress login URL of your WP site, Better WP Security plugin works really well as it has many features and advanced functionality. Plus, it is very easy to install and use. It will work like a champ right from the very beginning.
Step 3: Setup The Security Plugin
Once the installation and activation of the plugin is done, you need to follow the steps given below:
1. Open the wp-admin options page of the plugin.
2. Make your backup selection. Then, allow this plugin to change the core files of WordPress (you must read the warnings first). You need to click on the button named ‘Secure My Site From Basic Attacks’.
3. Click on the ‘Hide’ tab. Check the box ‘Enable Hide Backend’. You can enter the new desired login, register, and admin slugs or may leave them at the plugin’s default ‘login’, ‘register’, and ‘admin’. After you are done. Click on ‘Save Changes’.
4. Just don’t forget to note down your new URL as you may forget it.
If you use an auto-login tool such as ManageWP, you may not need to keep a note of your new login URL. You will need to re-adding the website to your WP-admin dashboard. Follow these steps.
- Login to ManageWP dashboard
- In the navigation menu, click on the site for which you have changed the login URL.
- Click on ‘Options’ and change the ‘Website Admin URL’ option to …/login/ from …/wp-admin/ (it is just an example. You can change the option according to whatever you have used in the URL)
- After you click ‘Save Changes’, the window will auto-close after displaying the ‘Options Updated’ message for a couple of seconds.
- To make sure that ManageWP is able to auto-login at the new URL, click on the site again and click the ‘Site Admin’ button. If your login attempt via ManageWP is successful, you are done! Now you can add your favorite WordPress Theme and carry on with your business.