---
title: "How to Change your WordPress admin URL with Lockdown WP Admin"
description: "Note: The Lockdown WP Admin plugin is no longer supported in newer versions of WordPress. Because WordPress brute force attacks are on the rise, using a WordPress plugin like Lockdown WP Admin can..."
url: https://www.inmotionhosting.com/support/edu/wordpress/change-wordpress-admin-url-with-lockdown-wp-admin/
date: 2014-01-21
modified: 2022-03-07
author: "InMotion Hosting Contributor"
categories: ["WordPress Hosting", "WordPress Tutorials"]
type: post
lang: en
---

# How to Change your WordPress admin URL with Lockdown WP Admin

Note: The Lockdown WP Admin plugin is no longer supported in newer versions of WordPress.

Because [WordPress brute force attacks](https://www.inmotionhosting.com/support/edu/wordpress/wp-login-brute-force-attack/) are on the rise, using a WordPress plugin like **Lockdown WP Admin** can help by allowing you to change the WordPress default login URL. This way attackers won’t have access to your admin login form, so they can’t continually try to guess your password and break in.

If you’re curious if your WordPress site has already had malicious users trying to login to your admin dashboard, you can check out my guide on [reviewing WordPress login attempts](https://www.inmotionhosting.com/support/edu/wordpress/review-wordpress-login-attempts/) for easy steps on how to find out.

You also want to make sure after you [install Lockdown WP Admin](#install-plugin), be sure to [hide the secret URL from the Meta widget](#hide-secret-url) so that an attacker can’t discover your new server admin address.

## Install and configure the Lockdown WP Admin WordPress plugin

Using the steps below you can quickly install the **Lockdown WP Admin** plugin and configure it so that your normal WordPress login URLs of **/wp-admin** and **wp-login.php** are changed.

1. [Login to WordPress admin dashboard](https://www.inmotionhosting.com/support/edu/wordpress/logging-into-wordpress-dashboard/)
2. For this plugin to function correctly your site must first be be using [WordPress permalinks](https://www.inmotionhosting.com/support/edu/wordpress/setting-up-permalinks-on-your-wordpress-site/)
3. Hover over **Plugins**, then click on **Add New**
4. Type in **Lockdown WP Admin**, then click on **Search Plugins**
5. Click on **Install Now** beside the **Lockdown WP Admin** plugin
6. Click **OK** on the confirmation pop-up window
7. Click **Activate Plugin**
8. Hover over the new **Lockdown WP**, then click on **Lockdown WP**
9. Place a check beside **Yes, please hide WP Admin from the user…**
10. Change your **WordPress Login URL** to something like **secret-admin**
11. Hover over **Howdy, User**, then click on **Log Out**
12. You should see the **secret-admin** URL you set
13. Try to directly access **/wp-admin** or **wp-login.php**, you get a 404 page
14. Access the **/secret-admin** URL and you get your WordPress login page

## Prevent WordPress Meta widget from exposing secret login URL

Unfortunately while the **Lockdown WP Admin** plugin does a great job securing your site from bots that might continually try to hit the default login URLs, it also updates the **Meta widget** in WordPress with the new updated URL as seen below:

[![wordpress meta log in link still links to secret admin](https://www.inmotionhosting.com/support/wp-content/uploads/2014/01/wordpress-plugins_lockdown-wp-admin_wordpress-meta-log-in-link-still-links-to-secret-admin.png)](https://www.inmotionhosting.com/support/wp-content/uploads/2014/01/wordpress-plugins_lockdown-wp-admin_wordpress-meta-log-in-link-still-links-to-secret-admin.png)

There are two ways in which you can prevent your secret login URL from being shown like this.

### Remove Meta widget from WordPress

1. [Login to WordPress admin dashboard](https://www.inmotionhosting.com/support/edu/wordpress/logging-into-wordpress-dashboard/)
2. Hover over **Appearance**, then click on **Widgets**
3. Click on the **Meta** widget, then click on **Delete**

### Edit WordPress general-template.php file to hide Log In link

1. You can also simply edit the **Log in** link from displaying on your WordPress site by editing your template file. Although note that if you are doing it this way, future WordPress updates might override the files in your **/wp-includes** and revert your changes, so keep that in mind.
2. Use the [cPanel File Manager Code Editor](https://www.inmotionhosting.com/support/edu/cpanel/file-manager-code-editor/)
3. Navigate to your **/wp-includes** directory
4. **Right-click** on **general-template.php**, then click **Edit**
5. Look for this line of code:
6. You should now see that the **Log in** link is gone from the **Meta** widget

You should now know how to add an extra level of security to your WordPress site by making sure that bots and malicious users can’t easily get to your admin log in anymore.
