If you own a WordPress website, most default login pages are accessed by the “/wp-admin” or “/wp-login.php” URL. When hackers identify your login page, they will try to guess a username or password to gain access to your WordPress Admin Dashboard. Here is a quick guide on hiding your WordPress Admin login page for added security and to reduce brute force attacks. This WordPress plugin recommendation does not replace any website security services or WordPress security best practices. There are many types of security WordPress plugins similar to the one recommended in this post. If you are not comfortable activating new plugins on your WordPress, we advise that you ask your WordPress Administrator to perform these changes for you.
How to Use the Change wp-admin login Plugin
The “Change wp-admin login” plugin for WordPress websites allows you to change the wp-admin URL to any name you want safely. In this post, we will share how to update this plugin in your WordPress Dashboard. Stop right here if you do not have experience updating or making changes to a WordPress website. We highly recommend hiring a WordPress webmaster to help manage and update your WordPress website safely. Clarus Creative offers WordPress website-managed solutions.
How to Hide WordPress Admin Login
Step 1. Install and activate the Change wp-admin login plugin by Nuno Morais Sarmento.
Step 2. In your WordPress Dashboard menu, click Settings and then click on “Permalinks” and change your “Login URL” under the “Change wp-admin login” section. Please review the image diagram shown below.
Step 3. Click the Save Changes button after setting your login URL. The blank field for “Redirect url” is optional. You are finished when a message similar to this shows: “Your login page is now here: https://example.com/private/. Bookmark this page!”*
Step 4. It is recommended to use the latest version of WordPress and themes. Do not sign out of your WordPress Admin Dashboard until all WordPress versions and themes are updated.
Step 5. Do not link this new login URL to your website or pages. Keep your new URL in a safe place (your Browser bookmarks list is best).
Lastly, if you use a caching plugin for WordPress, we recommend adding your new login page to the list of pages excluded from caching.
*You may change this URL name anytime by going back to Settings > Permalinks > Change wp-admin login. Just be sure to save/update/bookmark the new WordPress Login Admin URL. If you have trouble with your WordPress plugin, the Developer has a support forum available.
Other solutions to secure your WordPress Website
There are other WordPress developer solutions to secure your WordPress website. These solutions are more technical and require more experience and expertise. If security-based WordPress updates might be too overwhelming or a huge time suck, hire the experts at Clarus Creative for all of your WordPress website-managed solutions.