Let’s see how to change the WP Admin URL.
Security is key for any website. No matter if you are in the e-commerce industry, have blogs with thousands of readers each month, or create great contents for your visitors to enjoy, you have serius reasons to protect your websites from hackers and bots.
It’s no secret that potential hackers and bots know the default WordPress login and admin URLs. If your site uses something like “mysite.com/wp-admin” or “mysite.com/wp-login.php”, it will surely be a target for brute force attacks and other malicious activities.
Therefore, you can change the WordPress admin URL to add an extra layer of security, making it harder for attackers to locate the login page. This will reduce the risk of automated attacks, since many automated bots search the internet for WordPress websites and attempt to gain unauthorized access using common usernames and passwords. Changing the wp-admin URL can help reduce the risk of these automated attacks.
The problem: You’re not allowed to customize the wp-admin URL
If you go to Settings > Permalinks and scroll down to the Optional section, you’ll see that the WP Admin slug field doesn’t appear among the options you have to edit the permalinks.
These are the only optional fields you have by default, not counting other fields created by the plugins you’ve installed:
- Category base
- Tag base
- Product category base
- Product tag base
- Product attribute base
Therefore, if you want to change or hide the WP-Admin URL, you’ll need to install a plugin that allows you to do that.
Install the “WP Hide & Security Enhancer” plugin
The WP Hide & Security Enhancer plugin allows you to change the WordPress login page URL and the wp-admin dashboard URL.
This will strengthen the security of your website because bots and hackers will not be able to access your login page nor the /wp-admin URL.
Download the plugin here.
Alternative plugin: You can use this plugin as an alternative to WP Hide & Security Enhancer.
a) Change the WP login URL
First, let’s change / hide the URL of the WordPress login page.
Instead of using the mysite.com/wp-login.php login URL, we can select a custom URL slug similar to this: mysite.com/my-custom-login.php.
For this you need to go to WP Hide > Hide Admin > Wp-login.php in your wp-admin dashboard.
Once there, you need to select the following values:
- New wp-login.php: Add your custom login URL slug here. Make sure to include the .php extension.
- Optional – Block default wp-login.php: You can do this, but you need keep this in mind:
This can break the login page if server not supporting the feature. Ensure `New wp-login.php` option works fine before activate this. If not working, use the recovery link to revert.
- Once you’re done, click on Save.
After saving the changes, your WP login URL will be redirected to the new URL, as you can see in the screenshot below.
b) Change the WP Admin URL
Now let’s see how to change the WordPress admin URL. It is very important to hide the wp-admin URL of your website to strengthen the security of your website.
Go to WP Hide > Hide Admin > Admin URL and select these values:
- New Admin Url: Add your new admin URL slug here.
- Optional – Block default Admin Url: You use this option but you need to pay attention to this notice:
This can break the layout of dashboard admin if server not supporting the feature. Ensure `New Admin Url` option works fine before activate this. If not working, use the recovery link to revert.
- Click on Save.
After saving the changes, your wp-admin URL will be hidden and redirected to the new URL, as you can see here.
This is how you can customize your WordPress admin URL and the login page URL. This will surely enhance your security against brute force attacks and automated bots.