In this lunchtime WPQuickies, I’ll show you different ways to customise your WordPress login URL.
Finding Your WordPress Login URL
If you need help locating your WordPress login URL, watch my WPQuickies video How To Find Your WordPress Login URL.
Here’s a quick summary.
The WordPress login page can be reached by adding /login/, /wp-admin/, /admin/, or /wp-login.php at the end of your site’s URL.
If you installed WordPress on a subdirectory (pinkfluffyunicorns.com/wordpress/) or subdomain (blog.pinkfluffyunicorns.com/), add one of the three paths at the very end of your URL such as: pinkfluffyunicorns.com/wordpress/wp-login.php or blog.pinkfluffyunicorns.com/wp-login.php
Why Change The Default WordPress Login URL?
Leaving your WordPress website with the default login URL leaves the site wide open to bot attacks.
They are set up to probe every website with those three default login resources /login/, /wp-admin/, /admin/ and /wp-login.php.
When they get a valid response, the gloves are off and they start their brute force attack methods.
If the bots don’t get a valid response, they are likely to move to the next target website.
By changing the default login of your WordPress website, you could help thwart numerous attempts to hack your website.
Bot attacks also slow down the web server as it has to respond to thousands of requests and that can hurt your overall search engine rankings.
There’s also another valid reason to change the default WordPress login URL and that is to prevent the server being overrun with too many requests and throwing a “429 Too Many Requests” error.
This happens when the server is flooded with too many requests for responses which can happen during a bot attack.
That’s going to prevent your real visitors getting access to or logging in to your website.
Changing The WordPress Login URL Using A Plugin
The easiest way to change the WordPress login URL of your website is to use the WPS Hide Login plugin.
Once installed and activated, navigate to Settings > WPS Hide Login.
The settings are appended to the Settings > General page.
The plugin intercepts requests to the default login resources and allows you to redirect to a specific page or the general 404 not found page.
You set your own customised login URL and save the settings.
Remember to jot down the new URL otherwise you’re going to have a tough time logging into WordPress.
If this happens, don’t panic.
Login to your web hosting account and use the File Manager tool in cPanel or Plesk to delete the /wp-content/plugins/wps-hide-login/ folder.
I’ve tested the plugin with some of the major plugins and it seems to work fine for internal redirection and admin-ajax requests.
Changing The WordPress Login URL Manually
Using .htaccess (Apache Only)
Join me every Thursday at 1 pm Sydney time for some more WPQuickies – WordPress tips and tricks in thirty minutes or less.
Suggest a #WPQuickies Topic
If you have an WordPress topic you’d like to see explained in 30 mins or under, fill out the form below.