Running WordPress website these days always comes with some security concerns, according to W3Tech, one in four websites is now powered by WordPress. And with an immense number of plugins available to users, comes the potential of security risks that hackers can use to their advantage. By creating a custom WordPress login URL can help you in the fight against this.
Did you know that anyone who’s familiar with WordPress can find out your login URL? That’s right. With every install, WordPress creates two default login URL’s: /wp-admin/ and wp-login.php. That’s a huge security risk in my opinion. And I found it surprising that up until now WordPress doesn’t offer its users an option that allows creating a custom login URL.
The problem with publicly known login URLs is that bots, hackers etc. can scan for these when looking for entry points into your site. On one of the sites I manage, I had over 800 failed login attempts every day, trying to gain access to my site. Even tho they are unsuccessful, that’s sometimes enough to make your servers memory go through the roof and cause performance problems.
But hey, even tho WordPress doesn’t allow you to customize the login URL by default, it can be easily done with a Free plugin.
How to Change WordPress Login URL?
There are a number of plugins that can help you accomplish this, including:
To make things easier, we will look at a free plugin that I used myself to change my WordPress login URL to something that only I know. This stopped pretty much 99% of all those failed login attempts. The plugin is called WPS Hide Login and I chose it because it is very lightweight, so it won’t slow down your website by a bit.
In your WordPress dashboard go to “Plugins” and choose “Add New.”
When the new window opens, search for “WPS Hide Login” and click on “Install Now”. You can also download WPS Hide Login directly from the WordPress repository if you prefer to upload the plugin manually.
After the installation, go on and click on “Activate Plugin”.
Then go into your WordPress “Settings” and click on “General”.
Scroll down to the bottom of the page and you will see a new “Login URL” field. Type something creative that nobody would be able to guess but memorable so that you can remember. You can have as much fun with this as you like but I would recommend that you bookmark the new URL, in case you do forget it. Then press “Save Changes” and you are done!
The next time you login to your WordPress site you will need to use your new login URL in your browser.
I have used this plugin for nearly 6 months now on few of my sites and it has never caused me any issues whatsoever. However, if you do run into any problems, simply delete the plugin from your server using FTP or any other file manager and you will be able to use your original /wp-admin/ URL again.
I hope this little tutorial on “How To Add Custom WordPress Login URL” was helpful to you if so let me know how you got on in comments bellow. One thing I know for sure: this little plugin is definitely going into my WordPress Toolbox of recommended plugins.