In this short tutorial I’m going to show you how to change your WordPress login URL.
This is an important step in protecting your WordPress site from hackers.
By default all WordPress sites have the same login location. It’s at:
Hackers have automated scripts that go to that location and throw thousands of passwords at the form trying to get in.
By changing the location of your login form those automated scripts will have a much harder time getting into your site.
Login to your site to get started.
Adding The Plugin
In the left navigation, hover over Plugins and click on Add Plugin.
In the top right corner there is a plugin search box. This will search the WordPress plugin repository. In the box type in “WPS Hide Login”
The first result that should come up is this one:
You can see at the time of this writing there are over 700,000 active installations and it’s got a lot of 5 star reviews.
I’ve used this plugin for years and it’s great.
Click the Install Now button in the box and when it changes to the blue Activate button click on that.
Once it installs you will be taken back to your Plugins page and you’ll see the plugin in the plugins list.
Configuring The Plugin
There are a few ways you can get to the plugin settings. You can either click on the Settings link in the Plugin’s listing or you can hover over Settings in your left navigation and then click on WPS Hide Login in the sub-menu.
There are only two textboxes we need to look at to configure this plugin.
The top one, labeled Login URL, is where we set our new location for our login page. They have it set to “login” which is okay but I prefer to set it to something a little more hidden than that.
I’ll change this to “mylogin”. You should change this to whatever you want but be sure to document this someplace in case you forget it.
The next textbox is where we want people to be sent to if they try to go to the wp-admin page without being logged in.
They have it set to point to the 404 page of your website which is where visitors are sent if a page doe not exist. I always leave it at that but you could change it to a custom page if you’d like.
When you are done making these two changes click the blue Save Changes button at the bottom of the page.
The page will refresh and you’ll see a success message and a reminder to bookmark the location of your new login page.
Testing The Plugin
Now logout using the menu in the top right corner of your admin panel.
If you try to go to the old login page at /wp-admin:
You will be redirected to the page that you set in the second box, the 404 page in my case.
However if you go to the URL you set in the first box you should see your login form.
You’ve just taken a great first step in protecting your WordPress website from hackers.