By default, most WordPress login pages can be accessed by adding “/wp-admin” or “/wp-login.php” to the end of a URL. Once a hacker has identified your login page, they can attempt to guess your username and password to access your Admin Dashboard.
Learning how to hide WordPress Admin login pages is a good security measure for reducing brute force attacks on your website. Using the WPS Hide Login plugin is one of the easiest ways to hide your Admin page and reduce or eliminate login attempts on your WordPress site.
Improve the performance and security of your WordPress website with our WordPress hosting plans.
Web Application Firewalls Free SSL Certificates Advanced Server Caching
How to Use the WPS Hide Login Plugin
The WPS Hide plugin has 2 basic functions — changing the location of your Admin login and setting a redirection URL for anyone that tries to access the default admin pages. In this section, we’ll show you how to modify both of these options.
While this is especially useful against brute force attacks, relying on security through obscurity is never enough on its own. Make sure that you’re following other best practices like using strong passwords. We also have a helpful website security guide on Preventative Measures.
How to Hide WordPress Admin Login
- Install and activate the WPS Hide Login plugin by WPServeur, NicolasKulka, wpformation.
- In your Dashboard menu click Settings then WPS Hide Login.
- Scroll down to the “Login URL” section.
- Edit the available field to modify the login location. For example, if you enter “private” in the field, you would access your Admin login page by visiting:
- Click the Save Changes button after setting your login URL.
You are finished when you see a message similar to this:
“Your login page is now here: https://example.com/private/. Bookmark this page!”
Note: Save the new login page or you won’t be able to access your Admin Dashboard.
How to Set Your Redirection URL
If someone attempts to access your WordPress Dashboard using one of the typical methods (/wp-admin or /wplogin.php) they will be sent to the 404 error page. But, you have the ability to redirect them to another URL. Here are the steps to change the redirection URL.
- Login to your WordPress Dashboard.
- Click Settings then WPS Hide Login on your navigation menu.
- Scroll down to the “Redirection URL” section.
- Change the available field to the URL you want to send them to.
- Click the Save Changes button after setting your redirection URL.
I Forgot My Login URL
If you did not save or can’t remember your new login URL, you will find yourself unable to access the Admin Dashboard. In this case, you will need to disable the WPS Hide Login plugin. Here are the steps to regain access to your Dashboard by renaming the plugin folder.
- Navigate to the document root of your website, which is typically the “public_html” folder. If you use cPanel, you can login and click the File Manager link.
- Open the wp-content then plugins folder.
- Right-click the “wps-hide-login” file and rename it. For example, rename it to “wps-hide-login.old”.
- You should then be able to access the Admin login page for your WordPress website by adding /wp-admin or /wp-login.php to the end of the URL.
Now you know how to add an extra layer of security to your site by hiding the WordPress Admin login page. Be sure to check out our WordPress Education Channel for more helpful guides.
If you are making changes to your site using a stable IP address that does not change often, you can also block any IP address that is not your own from accessing the login page Using the IP Deny Manager.
Become a master of WordPress plugins! Protect, optimize, secure, and expand the functionality of your website easily with the help of WordPress plugins!