How To Change WordPress Login Url? (Best solution)

5 Steps to Changing Your WordPress Login URL

  1. Step 1: Backup Your WordPress Website.
  2. Step 2: Install The WordPress Plugin To Change Login URL.
  3. Step 3: Configure The Plugin.
  4. Step 4: Update Bookmarks and Share URL With Team.
  5. Step 5: Test Your New Login URL.


How do I change my WordPress login manually?

Step 1. Download Your wp-login. php File

  1. Then, in the file manager’s left sidebar, click the public_html folder.
  2. From there, find the wp-login.
  3. When you’ve made those changes, save your file.
  4. Upload Your New Login File.
  5. Register New Login File URL using Login URL Filter Hook.

How do I create a custom WordPress login URL?

Once the plugin is installed and activated, navigate to Settings » WPS Hide Login. Then, add your new login page URL in the ‘Login url’ box. You can also add a redirect URL in the ‘Redirection url’ box. This will redirect people to another page on your WordPress blog when they try to access the default wp-login.

How do I change my WordPress login URL in cPanel?

How to change WordPress site address (URL)

  1. Find the name of your database in wp-config.
  2. Go to cPanel > Databases section > phpMyAdmin menu:
  3. Click on ‘+’ next to your cPanel username to expand the list of the databases, locate the database for the WordPress website and click on it.

How do I change the login link in WordPress without plugins?

Login through your new URL.

  1. Create a New File. Create a new file from the text editor and save it into your root folder.
  2. Copy and Paste the Code. Next open up the wp-login.
  3. Find and Replace the String “wp-login. php”
  4. Delete the wp-login. php File.
  5. Test Out Your New Login URL.

How do I hide my WordPress admin URL?

Installation Steps:

  1. Open your WordPress site and login to WP Admin.
  2. Click Plugins then “Add New”
  3. Search for Install WPS Hide Login and install and activate the plugin.
  4. The page will redirect you to the settings.
  5. You can change this option any time you want, just go back to Settings › General › WPS Hide Login.

How do I change my website URL in cPanel?

2) Click My cPanel. 3) Select Files > File Manager from the cPanel menu. 4) Right-click your site’s index file (or the page file into which you wish to add the URL frame) and select Edit from the context menu. 6) Be sure to change to the URL you wish to display in the frame.

How do I disable login in WordPress without plugins?

2. Hide WordPress Login Page Without A Plugin

  1. 1 – Make a backup of your wp-login. php file.
  2. 2 – Create a new PHP login file.
  3. 3 – Search and replace the ‘wp-login.
  4. 4 – Upload your new login file to your server.
  5. 5 – Update the default login and logout URLs.
  6. 6 – Test your new login URL.

How do I create a custom login and registration page in WordPress without plugins?

How to Create User Registration Form in WordPress without Plugin?

  1. Allow Users to Register with a Front-end Form. The first thing you need to do is allow users to register with a front-end form.
  2. Create Login and Registration Form Using Meta Widget. The next step is to add a meta widget to your site’s footer or sidebar.

How to Find Your WordPress Login URL (Change It, Lock It Down)

Beginner WordPress users have a difficult time entering into their accounts since the platform is not intuitive. In this post, I’ll go over how to locate your WordPress login URL, as well as a few other important points to keep in mind when it comes to the login process. Let’s start at the very beginning of this discussion.

Prefer to watch thevideo version?

Immediately following the installation of WordPress, you’ll have access to your website’s administration dashboard, where you’ll be able to customize your site and make a few minor adjustments. If you didn’t have access to the administration pages, this would be impossible. This page prevents you (and others) from gaining access to the “administration side” of your WordPress site, which is the login page. You will be unable to fully control your website or blog if you do not have access to the administration section.

How to Find Your WordPress Login Url:

The WordPress login page may be accessed by appending the characters / login /, / admin /, or / wp-login.php to the end of the URL of your website. Add one of the three paths to the very end of your URL if you installed WordPress in a subdirectory (or a subdomain (, such as:wp-login.phpor wp-login.phpor wp-login.php if you installed WordPress in a subdirectory (or a subdomain (

How to Find the WordPress Login URL

The process of locating the WordPress login page is generally less complicated than you may imagine. While using a new WordPress installation, you may redirect to your website’s login page by including the words admin (for example:) or login (for example:) at the end of the website’s URL. Normally, clicking on either of these two will take you right to your WordPress login page. In the event that this does not occur, there is an other method of reaching your login page: you may append/wp-login.php to the end of the URL, as seen in this example:.

How to Find the WordPress Login URL on a Subdirectory or Subdomain

All of this is valid for both a regular and a newly installed WordPress installation. Although it is possible that you have installed WordPress on a subfolder of your domain, such as a WordPress subdomain such as, this is not recommended. If that’s the case, you’ll need to append one of the aforementioned paths right after the subdirectory or subdomain’s closing slash, i.e. the/symbol, to get something like this: If that’s the case, you’ll need to append one of the aforementioned paths right after the subdirectory or subdomain’s closing slash, i.e.

If you don’t want to forget about it, make a note of your favourite URL in your favorites.

Assuming that nothing improper and/or dangerous is taking place on your site, you’ll need your email address/username as well as your password to proceed.

Unfortunately, evil men may be found everywhere, and your website may become a target as a result.

At the very least, let’s relocate the login page! What the hell happened to the WordPress login page? Follow these instructions to quickly locate your login URL while also increasing your security at the same time! To send a tweet, simply click here.

How to Change the WordPress Login Page

It is important that hackers and malicious attackers (also known as the bad guys) be unable to access your login page since they may get access to your site’s administration page and begin to create havoc. Believe me when I say that this was a bad experience. If you want to prevent unwanted access to your website, employing a strong, unique, and long password may be quite beneficial. However, there are never enough precautions you can take when it comes to website security. One simple and successful method of keeping the bad guys out of your WordPress site is to relocate the login page to a new, unique URL.

Firstly, a word about brute force attacks: these are hacking attempts in which the hostile subject tries to guess your login and password repeatedly, leveraging databases of common usernames and passwords that have been disclosed on the internet.

In today’s environment, there is a good probability that either your WordPress password or username may appear on one of these leaked lists.

As a result, redirecting the WordPress login page to a separate URL might be advantageous.

Change Your WordPress Login Page with a Plugin

With a free plugin like WPS Hide Login, which has more than 800,000 active users, changing your WordPress login URL page is the most frequent and most straightforward method of changing your login URL page. The plugin is extremely lightweight, and, more importantly, it does not modify any core files or introduce any rewrite rules to the system. It does nothing more than intercept queries. Also compatible with BuddyPress, bbPress, the Limit Login Attempts plugin, and the User Switching plugin, among other things.

All that is required when the software has been downloaded and enabled is to:

  1. In your right-hand sidebar, choose WPS Hide Login from theSettingstab
  2. Then click OK. Fill in the Login URL area with the path to your new Login URL
  3. In the Redirect URL field, specify a specific redirect URL. This page will be displayed when a visitor attempts to access the usual wp-login.php page and the wp-admin directory while not signed into WordPress. Save the changes by using the Save button.

In your right-hand sidebar, choose WPS Hide Login from theSettingstab. In theLogin URLfield, provide the path to your new Login URL; Redirect URL should contain a specified redirect URL. When someone attempts to visit the usual wp-login.php page and the wp-admin directory while not logged in, this page will be displayed. Save your changes by using the Save button.

Change Your WordPress Login Page Editing Your.htaccess File

In your right-hand sidebar, choose WPS Hide Login from theSettingstab; Fill up theLogin URLfield with the path to your new Login URL; In the Redirect URL field, provide a particular redirect URL. When someone attempts to visit the usual wp-login.php page and the wp-admin directory while not logged in, this page will be displayed; Press the Save Changes button.

Limiting Login Attempts

In addition to limiting the number of login attempts, this is an excellent security measure. If you are a Kinsta customer, we will automatically prohibit IP addresses that make more than 6 unsuccessful login attempts in a one-minute period. Alternatively, a free plugin such asLimit Login Attempts Reloaded may be downloaded. Limit the number of login attempts that can be reloaded. The plugin’s configuration settings are rather easy.

  • Total Lockouts: this metric tells you how many hackers attempted to break in but were unsuccessful
  • There is a limit on the number of attempts a certain IP address is permitted to make before they are blocked.

There is little doubt that the most common retry number is somewhere between four and six tries. When actual humans who should have access make mistakes (because, after all, we all make mistakes when typing passwords), they will be able to recognize that they have made a clumsy entry and correct themselves.

Want to know how we increased our traffic over 1000%?

Join over 20,000 other people who receive our monthly email, which contains insider WordPress advice! Now is the time to subscribe. The above-mentioned two elements are critical, especially if you have regular guest bloggers or a large number of contributing staff members who are accountable for maintaining your website’s content.

  • Minutes lockout: the length of time that an IP address will be blocked

You might want to leave it set to “forever,” but it isn’t useful for those who have made a genuine mistake – you want such folks to be able to get access again at some point. 20-30 minutes is a good amount of time.

  • It is more probable that there will be another Brute Force Attack, hence the number of lockouts will grow.
You might be interested:  Where Are Wordpress Pages Stored? (TOP 5 Tips)

In essence, this function says, “Look, I’ve seen you lock yourself out a few of times previously, so I’m going to lock you out for a little longer.” One day is a reasonable time frame to work from.

  • Hours till retries: how long it will take until everything is reset and people may attempt again

Additionally, you may adjust your whitelist, blacklist, and trusted IPs with the plugin.

How to Fix the Most Common Issues with the WordPress Login

Logging into your WordPress website is a simple and straightforward process. However, some users—including you?—may have encountered difficulties while attempting to access their WordPress website. Most of the time, such difficulties fall into one of the following categories:

  • Problems with the password
  • Problems with cookies
  • And other issues.

Problems with the password; problems with cookies; and other issues

WordPress Login: Password Lost/Forgot

If you’re having trouble logging in, it’s possible that your login credentials aren’t correct. First and foremost, make sure that the login and password you’re entering in are valid before moving on to the rest of the process. It’s a common error made by the majority of us, yet it happens seldom. Is it true that it worked? If this is the case, you may want to consider changing your WordPress password before doing something else. If you have forgotten your password, simply click on the link Lost your password?

When you click on the link below, you will be sent to a page where you will be asked for your login and email address, and a new password will be issued to you.

Manually Reset WordPress Password with phpMyAdmin

If this does not work, things will become a little more complex, as you will be need to do a manual password reset on your computer. We strongly advise against doing this if you are not familiar working with database files. The password file on your database may be edited to manually reset your WordPress login password.

This shouldn’t be difficult if you have access to phpMyAdmin on your host’s server. Before making any changes to your database files, make a backup of your site to ensure that nothing goes wrong. Done? Great!

Step 1

Now, open phpMyAdmin and log in. If you’re a Kinsta customer, you may access phpMyAdmin through the MyKinsta dashboard, which includes a login link. Log in to the phpMyAdmin interface.

Step 2

phpMyAdmin may now be accessed. Kinsta customers may access phpMyAdmin through the MyKinsta dashboard, which includes a link to log in to the system. Open phpMyAdmin and sign in with your username and password

Step 3

In the user passcolumn, type in a new password for the user (it is case-sensitive). MD5 should be selected from the Function drop-down menu. Then press the “Go” button. In phpMyAdmin, you may reset your password.

Step 4

Test the new password on your login screen to make sure it works.

Manually Reset WordPress Password with WP-CLI

Another option for resetting your WordPress password is to use the WP-CLI command line interface. WP-CLI is a command-line tool for WordPress developers that allows them to manage common (and not so common) activities associated with a WordPress installation.

Step 1

To begin, use the following command to display a list of all of the current WordPress users in the installation. $ wp user list on the command line

Step 2

Then, using the following command, together with the user ID and the new desired password, you may update the user password. $ wp user update 1 -user pass=strongpasswordgoeshere $ wp user update 1 -user pass=strongpasswordgoeshere

Step 3

Test the new password on your login screen to make sure it works.

WordPress Login: Cookies

Some difficulties with cookies may prevent you from being able to log in at times. If this is the case, please contact our support team. If this is the case, you will most likely get the following error: Cookies are being banned or are not supported by your browser, which results in an error. WordPress cannot be used unless cookies are enabled. Cookies have been banned or are not supported error message WordPress login is dependent on cookies in order to function properly. If they are deactivated or not functioning properly, there is a good likelihood that you will encounter difficulties on the login page.

  • Cookies in Google Chrome
  • Cookies in Mozilla Firefox
  • Cookies in Internet Explorer
  • Cookies in Safari
  • Cookies in other browsers

Especially common on WordPress sites that have just been transferred, as well as on WordPress Multisite sites, is this behavior. Occasionally, merely refreshing your browser and attempting to login again will be sufficient to resolve this issue. If that doesn’t work, you might try deleting your browser’s cache or using another browser in incognito mode. After trying everything else, you can try adding the line below to your wp-config.php file, immediately before the closing tag. /* That’s it, don’t go any farther with editing!.*/define(‘COOKIE DOMAIN, false); Depending on whether or not you have a WordPress multisite installation, you may want to check to see whether there is a sunrise.php file in the/wp-content/folder and change it tosunrise.php.disabled before proceeding.

WordPress Multisite no longer requires the use of a plugin in order to map domains as of WordPress 4.5. If you are a Kinsta customer and are unsure about anything, please contact our customer service team and ask for assistance.


Your WordPress login page serves as the portal via which you get access to your site. If you are unable to log in successfully, you will be treated as a site visitor instead. You should understand how to access this critical page so that you don’t have to waste valuable time each time you need to log into your WordPress site. Do you want to make a little improvement in your security? You may replace the default WordPress login URL with a custom one of your own, and you should only share that URL with individuals you trust.

(See also: How to Change Your WordPress URL for more information.) Save time and money while improving the overall speed of your site by implementing:

  • Instant assistance from WordPress hosting professionals, available 24 hours a day, seven days a week
  • Integration of Cloudflare Enterprise Edition
  • With 29 data centers across the world, you can access a global audience. Application Performance Monitoring (APM) is embedded into our platform, allowing for optimization.

That and much more is included in a single plan that includes no long-term obligations, aided migrations, and a 30-day money-back guarantee, among other things. Check out our options or speak with a sales representative to select the plan that is suitable for you.

How to Create a Custom WordPress Login URL

By default, every WordPress installation includes two login URLs: and These URLs are used to access the administration and login pages, respectively. Despite the fact that these URLs are fully working, there are two very excellent reasons why you might wish to modify them. Security is the first and most critical consideration. The second advantage is that it allows you to customize every aspect of the login experience for your site visitors.

Why Change the WordPress Login URL?

There are several security concerns that might arise as a result of making your login page accessible to the general public, as previously stated. Specifically, brute force assaults are prohibited. Because of the widespread usage of WordPress, these kind of assaults are becoming more and more regular in nature. One of the reasons is that the great majority of WordPress users continue to utilize the /wp-admin URL for logging in. And do you know what else? They will almost certainly gain entry.

Not only that, but they also re-use the same badusernames and passwords over and over again, which is quite annoying.

  1. 123456
  2. Password
  3. 12345678
  4. Qwerty
  5. 12345
  6. 123456789
  7. Letmein
  8. 1234567
  9. Football
  10. Iloveyou
  11. Admin
  12. 123456

The worst part is that the majority of these are used in combination with the most cliche of cliches, the default administrator login name. If you’ve inherited a site with the username adminna, please accept my apologies. I’ve been there myself. To be really honest, I’ve even done it myself because it’s simple and quick. However, it is quite insecure. Fortunately, you can genuinely modify a WordPress username after it has been created, despite the fact that the manual states that you cannot. Nevertheless, this is neither here nor there.

This alone should be sufficient justification for changing your WordPress login URL (or, at the very least, your username), and I’m not sure what else would be.

Perhaps unique branding and a whole new login experience are in order? Customers, by the way, appreciate login screens that are tailored to their company and brand. What ever the cause for the change, here’s how to go about implementing it.

How to Create a Custom WordPress Login URL

Subscribe to our YouTube channel for more information.

How to Change Your WordPress Login URL without a Plugin

Don’t. Make use of a plugin. Change your WordPress login URL without using a plugin may not be the greatest decision, despite what it may appear to be on the surface. It’s a youcando situation. However, you should not. When you totally modify the WordPress login URL without using a plugin, you’re entering into the WordPress Core files, which is a massive no-no in most cases. There is guidance in the Codex on how to create a totally different login page by utilizing hooks to separate login fields from one another.

Now, typically, I recommend that you do everything you can to avoid using a plugin.

Additionally, it may educate you a great deal about how the CMS works.

How to Change the WordPress Login URL with a Plugin

The usage of a plugin is the safer and most effective method of changing the WordPress login URL. There are a number of options available (including iThemes Securityworks, which functions as both a login obfuscator and a comprehensive security suite), but WPS Hide Login is the simplest. It is, without a doubt, the gold standard for the procedure. It just does one thing, and it does it really well. As soon as the plugin is loaded and functional, you will see a new option under your general settings, where you can simply input the new slug under which you want the login fields to be located.

  • Both of these options will lead you to the same location.
  • It is important to note that it also restricts access to thewp-login.php and thewp-admindirectory for those who are not connected to the network.
  • If you do not do so, you will receive a 404 Error.
  • However, when you navigate to your freshly modified WordPress login URL, you should be greeted with a familiar site instead (pun intended).

Two Things to Keep in Mind

The first is that, as soon as you activate this plugin, you will no longer be able to access the previous login pages. WPS Hide Login will automatically redirect you to the /loginfor entry by default. This will take effect instantly upon activation, even before you have a chance to go into your settings and make any changes yourself. Please keep this in mind. Also, if you have modified your website’s URL, please keep that in mind. Otherwise, I believe you’ll have a handful of difficulties logging in, to put it mildly.

Obviously, you don’t want to be locked out of your own website.

If you decide that you do not want to travel down this path, you will not cause any damage to the database or prevent anyone from accessing it.

Final Thoughts

While the idea of modifying one of the most essential components of WordPress may seem intimidating at first, hopefully you’ve seen that it can be accomplished with a few clicks thanks to the efforts of some very wonderful developers out there who have made it possible. As previously stated, it is perfectly feasible to alter the WordPress login URL without the use of a plugin; however, doing so is not recommended as a best practice. There are just too many variables to consider when working with the Core files, and when it comes to making changes to them as well as the database, depending on a plugin is always the safer approach, as seen above.

What has been your experience when you’ve changed the WordPress login URL?

BarsRsind / provided the featured picture for this article.

How to Add Custom Login URL in WordPress (Step by Step)

Is it important to you to be able to login to WordPress using a custom URL? Using a custom login URL in WordPress may help you increase the security of your website while also providing a better user experience for your visitors. Throughout this post, we’ll walk you through the process of setting up a custom login URL in WordPress.

Why Add a Custom Login URL in WordPress?

WordPress is the most popular content management system (CMS) and runs more than 40% of all websites. Because it is so widely used, it is frequently targeted by hackers who attempt to enter into your dashboard using tactics such as brute force assaults to gain access. Bots and hackers attempting to get access to your site are familiar with typical login URLs such as wp-admin and wp-login, and they will attempt to gain access to your site using these URLs as a first step. In order to increase the security of your website and make it more difficult for hackers to get access to your WordPress website, you should change the URL of the WordPress login page.

Your login page may have its URL and design customized to reflect your company’s logo and the theme that you are currently using on your WordPress site.

You might be interested:  How To Add Ad In Wordpress? (TOP 5 Tips)

How to Add a Custom Login URL in WordPress Using SeedProd

Using a WordPress plugin is the quickest and most straightforward method of creating a custom login URL in WordPress. This allows you to easily modify your WordPress login URL without having to make any changes to the core WordPress code. We propose that you make use of theSeedProdplugin. It is the most popular drag and drop WordPress page builder, with over 1 million sites using it. The URL of your SeedProd login page may be simply customized with this plugin. Installation and activation of the plugin are the first steps you must do.

  • Although there is a free version of SeedProd available, we will be utilizing the premium version for this tutorial since it includes the login page templates that we will be using in the final product.
  • On the SeedProd website, you can locate your product license key under the account details section of your profile.
  • A screen with all of the login page templates will then appear when you have completed this step.
  • In this lesson, we’ll use the ‘Geo Login Page’ template as our starting point.
  • This opens up a popup window where you may name your new login page and add a custom login page URL, among other options.
  • To access the page editor, simply click on the page editor button.
  • The left side of the page contains blocks and sections that you may drag and drop into the page, while the right side displays a real-time preview of what the page will look like.
  • You may personalize your login page as much as you like, but for the sake of this tutorial, we’ll go with the default settings.
  • After that, you must click the arrow next to the ‘Save’ box and then pick ‘Publish’ from the drop-down menu that appears.
  • To begin, select the ‘Page Settings’ menu option from the drop-down menu at the top of the page.

The normal WordPress login page will be redirected to the new page you just generated as a result of this action. Do not forget to click the “Save” button a second time to ensure that all of your changes have taken effect.

Change WordPress Login Page URL with a Free Plugin

We propose that you use theSeedProdplugin mentioned above since it also allows you to simply personalize your login page to match the look of your website, which is something we advocate. Some users, on the other hand, may want to maintain the default WordPress login page and merely modify the URL of the login page. This may be accomplished with the use of the free plugin WPS Hide Login. This plugin allows you to easily change the login URL without having to modify the page itself. Once the plugin has been installed and functional, go to Settings » WPS Hide Login to configure it.

  1. In the ‘Redirection url’ field, you may also enter a URL that will redirect to another page.
  2. After that, select ‘Save Changes’ from the drop-down menu.
  3. We hope you found this post useful in learning how to customize the login URL in WordPress.
  4. We encourage you to subscribe to our YouTube Channel for more WordPress video tutorials if you enjoyed this post.
  5. Please be aware that our material is sponsored by our readers.
  6. See how WPBeginner is supported, why it is important, and how you can help us by donating.
  7. Over 1.3 million readers around the world put their trust in us.

Change wp-admin login

Hi! This is a fantastic lightweight plugin, however it would be much better if it allowed the administrator to pick where to send people if they accidentally navigated to the incorrect URL. It has now been restored to the homepage. Thank you and congratulations! Read all 16 customer reviews The software “Change wp-admin login” is free and open source. This plugin has been made possible by the contributions of the persons listed below. Contributors


  • When someone tries to visit the wp-login.php page or the wp-admin directory while not signed in, they will be sent to the website’s main page automatically.


  • When someone attempts to access the wp-login.php page or the wp-admin directory while not signed in, they will be redirected to the page that you specify in the redirect custom field.


  • Custom field for redirection is added. improvements in the documentation on how to utilize the redirect field


If you run a WordPress blog, you will undoubtedly come into a question concerning how to keep your site safe from hackers at some point in the future. It does not matter if you are presently reading this post and believe that this will not happen to you since your site is not extremely popular, or even if you believe that it is not typically essential, you are completely wrong. We’re going to speak about how to make modifications to the WordPress Login URL so that your website is more secure.

This is carried out by a variety of bots that have been programmed to post links or spam comments on the site without removing them from the system.

In this post, we will discuss why it is vital to modify the WordPress login URL, as well as the many methods for accomplishing this.

Why should you change the WordPress login URL

In order to gain access to the WordPress administration panel, it is customary to prefix the website address with wp-admin. As a result, the following is how the link appears in that case: Anyone can access your website and administration panel if they use this connection, and anyone can do so without your knowledge. They can use the brute force method to collect the login and password information. We may conclude that utilizing the default WordPress login URL might be detrimental to the security of your website.

  • Furthermore, there is a wealth of important information that helps you to screen out interested visitors who are unaware of the location of the admin panel’s access.
  • That’s how the WordPress Login URL typically behaves when you try to login in to your account.
  • The different bots that attack your site all use the same IP address.
  • What can you do to avoid this?
  • Additionally, if you permitted users to register on your site, it implies that your visitors now have access to the login page, and you must keep track of all of the people who have access to your site.
  • In such situation, you will be the only one who has access to the login page.
  • The bots that are programmed for normal sites will disappear quickly if you enable registration.
  • Otherwise, no one will be able to view the page if there is no registration.

How to change the WordPress login URL?

Let’s have a look at some of the most effective methods for changing the WordPress Login URLs on this blog.

1. Changing the.htaccess file

First and foremost, you will need to get access to the root folder of your website using FTP. Alternatively, you may obtain the login details by contacting technical support through your hosting account control panel. To gain access to the site, use one of the FTP file managers. FileZilla and Total Commander are two of the most widely used programs. Once you’ve located the website, save it to your computer’s hard disk and then open it in any text editor. The most straightforward choice is the regular Notepad.

1234567891011121314151617181920212223242526272829303132333435363738394041 BEGIN Hide console URLIfModulemod_rewrite.cRewriteEngineOnRewriteRule^ custom_admin_url /?$/ wp – login.php?your_secret_keyRewriteCond%! ^. * wordpress_logged_in_. * $RewriteRule^ custom_admin_url /?$/ wp – login.php?your_secret_keyredirect_to =/ wp – admin /RewriteRule^ custom_admin_url /?$/ wp – admin /?your_secret_keyRewriteCond%! ^ (. *)admin – ajax.phpRewriteCond%! ^ (. *) / wp – adminRewriteCond%! ^ (. *) / wp – login.phpRewriteCond%! ^ (. *) / custom_admin_urlRewriteCond%! ^ your_secret_keyRewriteCond%! ^ action = logoutRewriteCond%! ^ action = rpRewriteCond%! ^ action = postpassRewriteCond%! ^. * wordpress_logged_in_. * $RewriteRule^. * wp – admin /?| ^. * wp – login.php/ not_foundRewriteCond%^ loggedout = trueRewriteRule^. * $/ wp – login.php?your_secret_key/ IfModuleEND Hide console URL

Several components must be replaced in order for everything to function properly. They will meet multiple times, so be on the lookout.

  1. Your new URL will be custom admin url, which will serve as the entrance address to the admin site, and you will just need to enter into the site. Make up your own web address. For instance, control panel or anything along those lines. Consider making it one-of-a-kind because contemporary bots can compile the most common addresses
  2. Com—your website URL, without the periods
  3. Change your secret key to something unique to you
  4. Your secret key—this should be changed with the secret key you generated. This should be a random string of characters and numbers that has been written in a randomized manner. For instance, gjhehg57e3au83kwdhfh or something along those lines. It should be saved in a safe location in case you need to use or modify it later.

Now, the login page will be accessible at admin url, for example, panel, where is the domain name. Take note that this solution is only compatible with Apache servers and does not work with Nginx servers.

There is another method of changing the URL, and the gist of it is to rename the file in the process. First and foremost, we entirely restrict access to the wp-login.php file. To accomplish this, include the following code in your.htaccess file:

Fileswp – login.phpOrderDeny,AllowDenyfromall/ Files

Then navigate to the website root folder and locate the wp-login.php file, which you should copy. You must rename the duplicate, for example, mylog.php, to distinguish it from the original. Then we create a new mylog.php file and rename the existing wp-login.php file to mylog.php. Now, in order to access the website login page, you will need to type into your browser. If the material within WordPress changes after the upgrade, it is possible that you may have to go through the process again.

In order to avoid this, when someone attempts to access the old addresses, they will be sent to a 404 error page.

2. Editing the wp-config.php file

It is necessary to create a file that is responsible for displaying the form that allows you to enter the WordPress administration panel in order to alter the login URL. Its file name is wp-login.php. You will need to connect to the site through FTP and download the file to your computer’s hard drive. When you’ve copied it to your PC, rename it to something else. Choose a name that will be easy to remember. Make it fairly complex, and avoid using names that are too basic. Let’s call this file website control.php (it is not required to name the file this way; you are free to use whatever name you choose).

Make a note of the old file name (wp-login.php), and replace it with the new file name (in our instance, website control.php).

Once you’ve done that, save and re-upload the file to the server.

However, the previous pages —and— are still available for viewing.

3. Set up a redirect from wp-admin and wp-login

It is just need to arrange the redirect so that no one can access the previous URLs in order to reach the control panel without receiving a 404 error message. To accomplish this, we must first access the functions.php file. Make a backup copy of the functions.php file before you begin. Then navigate to Appearance — Editor — Theme functions in the WordPress admin panel after entering the new id and password. Scroll all the way down to the bottom of the document. And finally, enter the following code at the end: Redirect from the wp-admin section:


Following that, the website will be routed to another location. Redirect from the WordPress login page:


From /wp-login.php to /wp-login.php, the redirect will be the same. While exiting the administration area, you will be sent to: While the registered users are away from the site, the latter code will clear out all of the trash code. Navigate to the plugin directory in your WordPress dashboard and type WPS Hide Login into the search area to find the plugin. After that, you’ll need to install and enable the plugin. Then, under the Settings — General section, go all the way down to the bottom of the page, and update the WordPress login URL to the one you require.

Your website will be lot more secure as a result of this. We go through the many methods for changing the WordPress login URL for your website in this article. It will undoubtedly contribute to making it more secure. Which mode of transportation is most handy for you?

Final Thought

You can protect yourself from being attacked by hackers by using one of the four techniques listed above to alter your WordPress Login URLs and prevent yourself from being hacked. These procedures are more secure and straightforward to adopt. Have you discovered a new method of changing your WordPress Login URLs? Please share your methods in the comments area below, and we will include them into our blog.

How to Change WordPress Login Page URL + How It Keeps You Safe

The content on Themeisle is completely free. When you make a purchase after clicking on one of our referral links, we receive a commission. Read on to find out more You’re no doubt aware of how critical security is to the operation of your WordPress site. As a matter of fact, you’ve probably heard lots of advice on the issue – including the recommendation that you should alter the URL of your WordPress login page. However, you may be unsure of why or how to go about doing so. Changing the URL of your login page is a simple but effective security tip that may help keep hackers out of your account.

You might be interested:  How To Install Wordpress Plugin Manually? (Best solution)

This implies that individuals will be less likely to obtain access to your website unless you specifically instruct them to do so.

Then we’ll teach you how to accomplish this with the help of a free plugin.

Why it’s smart to change your login page URL

The URL of your WordPress login page (also known as the ‘admin URL’) is the web address that you visit when you wish to access the back end of your site. It looks somewhat like this until you modify your login page. You are familiar with the page. WordPress sites all utilize the same URL format for this page by default, which makes sense. If your website’s domain name is, for example, you may log in by going to and entering your username and password. This makes it simple for visitors to remember how to get to your website.

As soon as they’ve found it, hackers may start to work trying to break into it.

Additionally, altering the URL of your login page has an additional benefit in that it can prevent a significant amount of resource-sucking bot traffic to your site.

Why you shouldn’t change your login page URL manually

We’ll guide you through the process of altering your login page URL using a plugin in the sections below. However, in some circumstances, you may be inclined to execute this activity manually rather than using the automated system (for instance, if you want to limit the number of plugins you install on your site).

While you may utilize File Transfer Protocol (FTP) or another way of directly accessing your site’s data to kind of make this modification, doing so is not a good idea for a number of reasons:

  • Every time you update WordPress, the login page file is recreated. This is a security feature. This implies that you’ll have to start from over with a new URL. Manually altering the URL of your login page might result in faults with your logout screen, as well as other problems with critical site functioning.

In general, we recommend that you avoid making changes to your site’s core files unless absolutely necessary. It is possible that doing so will have unforeseen repercussions. Fortunately, there is a more effective method of concealing your login page.

How to change your WordPress login page URL using a plugin

It is important to highlight that this strategy will not totally prevent hacking. It does, however, add an additional layer of protection to your website’s security. This way of safeguarding your admin area is most effective when used in conjunction with other methods of protecting your admin area, such as enabling Two-Factor Authentication (2FA) and restricting the number of login attempts permitted. WPS Hide Login is a plugin that may be used to modify the URL of your WordPress login page. This is a simple and straightforward method that gets the job done swiftly and efficiently.

  • Starting with a backup of your site will ensure that everything is as safe as possible.
  • After you’ve completed those procedures, go to theSettingsGeneral section of your WordPress dashboard.
  • This option will allow you to establish a new URL for your login page by entering the URL into the box following your website’s domain name in the login page field.
  • Simply make a note of the new URL somewhere safe so that you don’t lose access to your website.
  • You will no longer be able to log into your site using the default URL, and the default URL will be deactivated as a result of this change.


Despite the fact that WordPress is a relatively safe platform, there are always measures you can do to further protect your website’s security. Incorporating a little modification such as changing your login page URL into a complete security plan will make it more difficult for hackers and spammers to get access to your system. Furthermore, the process of employing this approach is quite straightforward. In fact, if you use the appropriate tool, it will only take you a few minutes to complete.

Is there anything more you’d want to know about how to alter the URL of your WordPress login page?

Free guide

Guide is available for free download.

Change Your WordPress Login URL

/wp-login.php is the default login URL for WordPress (although you can just type in /wp-admin/ and it will redirect you there if you are not already logged in).

As an illustration: “All right,” you may think to yourself. “Who gives a damn?” There are three reasons why you should be concerned:

  1. Your website is powered by WordPress, as I can tell. It is quite simple for a hacker to determine whether or not a particular website is a WordPress website. Take a peek at the source code of the page and you’ll notice stuff like/wp-content/themes/style.cssor/wp-content/plugins/., among other things. Once I’ve determined that your site is a WordPress site, I can determine that your login URL is/wp-login.php
  2. Hence, I now know your login URL. I’m also aware that WordPress by default produces a username with the prefix “admin.” Mr. or Mrs. Hacker now has your login URL, as well as your login username, if you have one. Now it’s just a question of guessing your password
  3. I’ll start with the default username and work my way up from there. Although you may not have a “admin” username and you may have a strong password (preferably one that is not recorded by your web browser), the hackers are not aware of this and will continue to attempt to log in indefinitely, wasting server resources and potentially bringing your site down. Using a password manager to login will help prevent this from happening. When you log in, be sure to use HTTPS or another secure login option, such as the ManageWP Dashboard, so that your password is not communicated “in the clear” when you do so.

Did any of it sound like it might be entertaining? I’m sure not, but it’s crucial information. It is my goal that this has terrified you into continuing to read the remainder of this how-to post since the answer is quick, straightforward, and painless, and anybody who knows how to install and activate a plugin can do it.

How To Change Your WordPress Login URL

Installation, activation, and configuration of the Better WP Security WordPress plugin are the simple answers to these questions.

What We’re Doing

You’ll be able to make the following changes with Better WP Security:

  • /wp-login.phpto/login/
  • /wp-admin/to/admin/
  • /wp-login.php?action=registerto/register/
  • Alternatively, you may use whatever slugs you like in the plugin settings.


It’s possible that compatibility will be an issue. Before making any changes to the Better WP Security settings, make sure you have read and understand everything. Speak with your web host or developer before continuing, especially if you are aware that you have a unique setup but are unsure how it might be affected by this plugin. I checked it out with WP Engine and found it to be very satisfactory. Follow the plugin author’s recommendation and read the Better WP SecurityInstallation TipsandFAQs before installing the plugin.

Also, please review the ManageWP “Known Issues” section, which includes a mention of one of the Better WP Security plugin’s features.

Step By Step Instructions

You should really consider changing your login URL (and by login URL I mean the URLs for logging in, registering, and administration). Here’s how you go about it:

Step 1: Take a Full Backup

Duh. ManageWP is the tool for the job. Take a comprehensive backup, not just a database backup, to provide complete protection. Before moving on to the following step, double-check that your backup has been finished and is at the place you specified.

Step 2: Install and Activate theBetter WP Security plugin

I sought for a “hide login” plugin for a long time and found that there weren’t many high-quality options. Furthermore, the appropriately namedHide Login plugin did not function for me (thank God I was on aWP Enginestagingsitebecause I got totally locked out). In addition, there used to be a plugin called Stealth Login, which is no longer available for download. In response to the recommendations of various WordPress gurus, I tested Better WP Security only for this reason (despite the fact that it also has many other useful features), and it worked like a charm right from the start.

Step 3: Setup the Better WP Security Plugin

Following the installation of the Better WP Security plugin, do the following steps:

  1. Open the plugin’s wp-admin settings page
  2. Then, as demonstrated in the pictures below, complete the first three steps of the setup process:
  1. Make a decision on your backup plan
  2. Allow the plugin to make changes to the WordPress core files (but first read the warning)
  3. To secure your website against basic attacks, click the “Secure My Site From Basic Attacks” option.
  1. Select “Enable Hide Backend” from the drop-down menu. If you want to use your own login, register, and admin slugs, you may do so, or you can use the plugin’s defaults of “login,” “register,” and “admin.” Select “Save Changes” from the drop-down menu.

Please remember to save your updated URLs, particularly the login URL. For the time being, you may wish to jot them down someplace until you become used to them. Alternatively, if you use an auto-login application such as ManageWP, you will never have to remember the login URL (additional steps follow). Below are screenshots of each stage in the process described above: The first page of the setup process. Choose the backup plan that you believe is the best. It is possible to skip this backup step if you have previously generated one using ManageWP.

In general, click to authorize changes to WordPress core files after reading the instructions and following the prompts.

For the most part, choose the option to enable the plugin to activate its default security settings, as this plugin does more than simply modify the login URL.

You may customize the text fields to your liking.

Then press the “Save” button. (Don’t worry, you won’t be logged out when you save your work.) After you’ve saved your changes, you’ll be able to uncheck the option if you want to turn off the function, or you may keep it enabled and simply modify the login URLs whenever you want as needed.

Step 4: Add (or Re-Add) your Site to the ManageWP Dashboard

If you are using ManageWP to manage the site for which you have changed the login URL, perform these steps:

  1. Obtain access to your ManageWP Dashboard. Select the site for which you want to update the login URL from the left navigation menu. Select “Options” from the drop-down menu. The “Website Administration URL” option should be updated from./wp-admin/ to./login/ (or whatever you modified it to)
  2. After you click “Save Changes,” the window will automatically dismiss after a brief display of the green “Options Updated” notice
  3. Make a second click on the site and then on the “Site Admin” link (or on the icon next to it to open it in a new window) to ensure that ManageWP can automatically log you in at the new URL. If you were able to log in using the ManageWP Dashboard, you are finished.

The following are screenshots of each step: Navigate to your ManageWP Dashboard, choose the site URL, and then select “Options.” You’ll find your current login URL in the ManageWP Options pop-up window for the site. Click “Save Changes” once you have changed the login URL to your new login URL. Check to see whether the ManageWP Dashboard is still able to auto-login for you. To test if the Site Admin link works, go to the URL of the site for which you just made the changes and click the Site Admin link.

How the Better WP Security Plugin Changes the Login URL

Some people aren’t interested in how something works; others are interested in knowing everything about it. Let’s just pretend it’s because of the.htaccess file’s magical properties. It is not necessary to go into detail about how the plugin works, but it adds around 30 lines to the top of your main WordPress.htaccess file. That’s basically all there is to it in terms of magic when it comes to changing the login URLs. Note: Neither the wp-login.php nor the wp-config.php files are changed, relocated, or renamed in this process.

The Better WP Security plugin does not require any prior knowledge of the.htaccess file structure.

More About Better WP Security

A number of useful functions are provided by the Better WP Security plugin, one of which is the ability to conceal the URLs for the WordPress login, registration, and administration pages. Here are just a handful of the other features that are offered with this free plugin:

  • Alternatives to traditional “security through obscurity” measures
  • Change the prefix of the WordPress database that is currently in use
  • Change the default “admin” username to something else. Change the ID for the user who has ID 1 to something else. Removes login error messages (so that poor login attempts don’t receive a hint as to whether the username or password was incorrect)
  • Removes login error messages (so that bad login attempts don’t get a hint as to whether the username or password was incorrect)
  • It keeps track of 404 errors, failed login attempts, and file modifications.

There are several more advantages to utilizing the Better WP Security plugin, and it is compatible with both single-site and multi-site installations. More information about its features may be found on its WordPress plugin page, which you should rate highly if it worked well for you. Today is the day to update your WordPress login URL. Please feel free to leave a remark below once you’ve completed it or if you have any difficulties. On July 17, 2014, we updated this blog post. Saxon provided the image used in this post.

Leave a Comment

Your email address will not be published. Required fields are marked *