Customising The WordPress Login URL – WPQuickies

In this lunchtime WPQuickies, I’ll show you different ways to customise your WordPress login URL.

Finding Your WordPress Login URL

If you need help locating your WordPress login URL, watch my WPQuickies video How To Find Your WordPress Login URL.

Here’s a quick summary.

The WordPress login page can be reached by adding /login/,  /wp-admin/, /admin/, or /wp-login.php at the end of your site’s URL.

If you installed WordPress on a subdirectory (pinkfluffyunicorns.com/wordpress/) or subdomain (blog.pinkfluffyunicorns.com/), add one of the three paths at the very end of your URL such as: pinkfluffyunicorns.com/wordpress/wp-login.php or blog.pinkfluffyunicorns.com/wp-login.php

Why Change The Default WordPress Login URL?

Leaving your WordPress website with the default login URL leaves the site wide open to bot attacks.

They are set up to probe every website with those three default login resources /login/, /wp-admin/,  /admin/ and /wp-login.php.

When they get a valid response, the gloves are off and they start their brute force attack methods.

If the bots don’t get a valid response, they are likely to move to the next target website.

By changing the default login of your WordPress website, you could help thwart numerous attempts to hack your website.

Bot attacks also slow down the web server as it has to respond to thousands of requests and that can hurt your overall search engine rankings.

There’s also another valid reason to change the default WordPress login URL and that is to prevent the server being overrun with too many requests and throwing a “429 Too Many Requests” error.

Error 429 Too Many Requests

This happens when the server is flooded with too many requests for responses which can happen during a bot attack.

That’s going to prevent your real visitors getting access to or logging in to your website.

Changing The WordPress Login URL Using A Plugin

The easiest way to change the WordPress login URL of your website is to use the WPS Hide Login plugin.

https://wordpress.org/plugins/wps-hide-login/

Once installed and activated, navigate to Settings > WPS Hide Login.

The settings are appended to the Settings > General page.

WPS Hide Login settings

The plugin intercepts requests to the default login resources and allows you to redirect to a specific page or the general 404 not found page.

You set your own customised login URL and save the settings.

Remember to jot down the new URL otherwise you’re going to have a tough time logging into WordPress.

If this happens, don’t panic.

Login to your web hosting account and use the File Manager tool in cPanel or Plesk to delete the /wp-content/plugins/wps-hide-login/ folder.

I’ve tested the plugin with some of the major plugins and it seems to work fine for internal redirection and admin-ajax requests.

Video Demo

https://adilo.bigcommand.com/watch/k3rfBn5a

Changing The WordPress Login URL Manually

Using .htaccess (Apache Only)

Link to code: https://www.wpoven.com/blog/how-to-change-your-default-wordpress-login-url/#1_Changing_the_htaccess_file

Using Nginx

https://stackoverflow.com/questions/30636207/wordpress-hide-wp-admin-to-admin-with-nginx

#WPQuickies

Join me every Thursday at 1 pm Sydney time for some more WPQuickies – WordPress tips and tricks in thirty minutes or less.

Broadcasting live on YouTube and Facebook.

Suggest a #WPQuickies Topic

If you have an WordPress topic you’d like to see explained in 30 mins or under, fill out the form below.

https://forms.gle/mMWCNd3L2cyDFBA57

Watch Previous WPQuickies

How To Fix A Blacklisted Website - WPQuickies

How To Fix Blacklisted Websites

Was this article helpful?
YesNo

Keep In Touch

Wil

Wil is a dad, WordPress consultant, WordPress developer, business coach and mentor. He co-organizes the WordPress Sydney meetup group and has been on the organising committee for WordCamp Sydney since 2014. He speaks at many special events and contributes to the WordPress open source project. His likes are chillies, craft beer and electrogravitics.