How To Change WordPress Login URL and Boost Security

Do you want to know how to change WordPress login URL? In this post, we’re going to learn how you can change your WordPress login URL. This will hide your WordPress login page and keep unwanted users out of their reach. So now the question is, how to change WordPress login URL? Well, that’s what we’re going to learn in this article.

Before we get started, we will also discuss the importance of changing the login URL of your WordPress website and why you should do it. Normally, you might think this is an unnecessary step. But this will add an extra layer of security to your WordPress website. That’s why it’s important to know how to change WordPress login URLs. So let’s start!

Why you should change your WordPress login URL

Now before diving directly into the tutorial, one might ask, “Why should I go through the trouble of changing my WordPress login URL?” That’s not a bad question. But you should not take the security of your WordPress website lightly. According to a blog post from Hostinger, a WordPress website is attacked every 22 minutes. According to experts, roughly 13,000 WordPress websites are hacked on a daily basis.

Now, WordPress websites get hacked, it’s true, but this can be significantly reduced if proper security measures are taken. Changing the WordPress login URL is a smart move as it adds an extra defense. It also doesn’t take that long. Some of the benefits of changing the WordPress login URL are:

• Brute Force Protection: Malicious hackers frequently try hundreds of username and password combinations against the common login URLs using automated scripts. You can make it more difficult for attackers to locate the entry point by altering your login URL.

• Bot Deterrence: Numerous bots are designed to look for WordPress login URLs by default. Using a unique URL reduces the visibility of your admin login page.

• Username Enumeration Prevention: Hackers occasionally attempt to guess legitimate usernames on a website. If you change the login URL, this strategy becomes a lot harder.

Again, changing the login URL is an easy process and will take 5 minutes or less. So why not use this method and keep your WordPress website more secure?

We also have a video tutorial on this topic. So if you prefer watching the video, you can do so. 

But if you would like reading, then continue.

How to change WordPress login URL

Alright, now that you know the importance of changing your WordPress login URL, it’s now time to do it. By default the login URL slug of every WordPress site is the same, which is your domain name followed by wp-login.php. This leads a user to the login page where they can enter the username and password to log in to the WordPress admin dashboard. Our goal is to change this “wp-login.php” into something else so that unauthorized users cannot access this page at all.

To do this, we are going to use a plugin called WPS Hide Login. This is a very popular plugin and is also very lightweight. You can use other plugins too, but make sure those are compatible with your version of WordPress. So follow the steps below to change your WordPress sign-in URL.

Installing WPS Hide Login

From your WordPress admin dashboard go to Plugins > Add New Plugin and search for WPS Hide Login. At the time of writing this article, WPS Hide Login has 1+ million active installations. The plugin is from WPServeur, NicolasKulka, wpformation. After the plugin is installed make sure to activate it by clicking on the “Activate” button.

Changing the login URL

After WPS Hide Login has been installed and activated, it will be added to your WordPress admin dashboard. Go to Dashboard > Settings and scroll down until you find the “WPS Hide Login” section. You don’t necessarily have to click on WPS Hide Login, as it will be added to General section of Settings.

When you find the WPS Hide Login section, you will see two options:

• Login URL: This is the login URL of your WordPress website. Change it to something of your choosing. In the image shown above, we have chosen “secretloginurl” but this is just for demonstration purposes. You can add a more complex URL so that it will be difficult for the unauthorized users to access.

Important note: Make sure to save this URL name somewhere safe in case you forget it yourself.

• Redirection URL: Optionally, you can also add a redirection URL. This is the URL the users will be redirected to if they insert “wp-admin” or “wp-login.php” instead of your chosen login URL.

If you’re seeing a “?” at the end of the fixed login URL (right before your custom URL), this is because of the plain permalink structure. Set your Permalink structure to Post name type from Settings > Permalinks. If you don’t want to change your permalink structure, then make sure to use the “?” right before your custom login URL.

After you’re done here, click on the “Save Changes” button to save the progress. That’s all you have to do. Now to test this out, go to incognito/in a private browser and log in to your WordPress admin dashboard using your new URL.

If you try to visit the admin URL using the old “wp-admin” or “wp-login.php” URL, you will be redirected to the 404 page or a custom page if you’ve chosen that.

So that is how to change WordPress login URL using the WPS Hide Login plugin. By doing this, you have added an extra layer of security to your WordPress website. If you suspect that your WordPress website is hacked, then there are steps that you can take. We have a post on the topic, what to do when your WordPress website is hacked.You can read for further information.

Conclusion

Creating websites on WordPress is a great experience. But it is imperative that you take proper security measures in keeping your website secure. Knowing how to change the WordPress login URL is very important. By doing so, you can block unauthorized users from accessing your WordPress login page. As you’ve seen from this post, it is so easy to change the WordPress admin URL. By using a plugin like WPS Hide Login you can easily change your login page’s URL.