How To Change WP-Admin URL to Protect Blog From Hackers

By | Updated on

When you install WordPress for the first time on your blog, then you will get an address to access the WordPress administrator area. Wp-admin or wp-login is the address of the administrator area of any WordPress site.

WordPress creates two default login addresses and by default address of your WordPress site is like this:

  •            wp-admin.Php 
  •              wp-login.php

This administrator area controls all the activities of a WordPress website i.e. Customization, writing the posts, Accepting Comments, Installation of plugins & themes, etc.

During the process of installation of WordPress, you can choose a username and password but WordPress doesn’t give any option to create a custom login URL.

So in this post, I am going to show you how you can change the default WordPress login URL.

But before that, you should know Why changing wp-admin is a must for every Webmaster and Blogger.

Why do you need to change wp-admin URL of WordPress website?

Protecting your WordPress site from hacking is necessary. All hackers and WordPress users knew the initial address of the WordPress administrator area.

They try many attempts with different usernames and passwords. This type of hacking attack is called a Brute force hacking attack.

If you have not changed your WordPress admin URL then it’s like you have kept the door closed with a key in it.

How can you change wp-admin URL of WordPress Website Easily?

There are many free plugins that can help you to change the WordPress admin URL.

In this post, I am going to talk about the three best WordPress plugins that you can use to change the WordPress administrator area’s address.

So here goes the list:

1. All In One WP Security & Firewall:Change Wp-admin url

All in One WP Security & Firewall plugin has 500000+ existing installs. This plugin is an easy-to-use, stable, and well-supported WordPress security plugin.

One of its features is to change the WordPress login URL or administrator area address of a WordPress website.

To change wp-admin Url follow these steps:

change wp admin url
  • Open WordPress administrator area.
  • Click on WP security
  • Select Brute force.
  • Check Enable rename login page feature.
  • Now enter any string as shown below and save the settings.

This plugin provides many other security features:

  • User account management
  • Login lockdown option
  • User Registration
  • Database security
  • Filesystem security
  • WHOIS Lookup Information
  • Blacklist management
  • Brute force attack
  • Spam prevention
  • Security scanner

 2. WPS Hide Login:

WPS Hide Login is a very light plugin that lets you easily and safely change the URL of the login form page to anything you want.

It doesn’t rename or modify the core files, nor will it add rewrite rules. It merely intercepts page requests and works on any WordPress website.

By using this plugin wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the URL. Deactivating this plugin brings your site back exactly to the state it was before.

3. Lockdown WP Admin:
Change wp admin url

LockdownWP Admin have  70000+ active installs. Lockdown WP Admin is easy, simple, and open-source software. It is also used to change the wp-admin URL or administrator area address of a WordPress website.

When the user isn’t logged in this plugin will hide WordPress Admin (/wp-admin/). If a user is not logged in and attempts to access the WordPress Admin area directly then he will get a 404 Error.

This Plugin can also rename the login URL. This plugin doesn’t make any changes in  .htaccess files or in core files of WordPress.

All the CSS/Images under /wp-admin/ are  accessible, just not the .php ones.

End Notes:

Hiding/changing your WordPress login URL is very necessary. Many websites got hacked each day. By using these free plugins, you can easily change the wp-admin URL of the WordPress website and made it more difficult for hackers.

Few tips to add an extra layer of security to your site:

  1. Don’t use Nulled/cracked Themes and Plugins.
  2. Switch over to Https.
  3. Use Hosting that provides quality service.
  4. Make Backups of your site.

I'm a WordPress Enthusiast, SEO & Marketing Practitioner.

Leave a Comment