Bots are constantly trying to log in to your WordPress site. This can cause lots of server load and, more importantly, could lead to your site being hacked if a brute force bot gets in.
That is why it’s recommended to change the login URL of your WordPress admin.
So here is our guide on how to change WordPress login page.
Video Tutorial
If you want to quickly know how to change your site’s login URL, check out my video below.
No time for a video keep reading below…
Why You Should Change Your WordPress Login Page URL
WordPress is by far the most used CMS on the internet. This comes with pros and cons, since it’s the top CMS it also makes it the top target for hackers. By default all WordPress sites let you access the login page via /wp-admin/ and /wp-login.php making it easy for hackers to target these pages.
Even if you have login security plugins installed there is still an additional strain on your server from these attacks. This is why it’s best to just hide your WordPress login page by changing the URL.
How to Change Your WordPress Login Page URL with a Plugin
There are plenty of WordPress plugins that will change your login URL. The easiest one to use to change your WordPress login URL is to use the WPS Hide Login plugin. This plugin simply makes your existing admin login URLs lead to a 404 while letting you set a custom URL for your WordPress login.
Note: Changing your login URL will not prevent all hacking but will help prevent broad attacks that target WordPress sites at scale.
You can easily install the plugin by searching WPS Hide Login in Plugins>add new.
Once the plugin is installed and activated head over to Settings>general.
On the bottom of your general settings page you’ll see a new option to change your WordPress login URL. Plus you can pick what page 404 go to.
Honestly it’s best to make your login URL something unique you’ll know and remember. But from my experience doing something like /login/ makes it easy for you to remember and prevents automated attacks.
Keep in mine once you click save changes the login URL will be changed and you won’t be able to login with the default WordPress login URLs.
6 Responses
Hello,
Once I use the plugin to change my login url, do I still need the plugin to remain activated?
Thank you.
Sincerely,
Tom
Hey Tom, yes you need to keep the plugin active for your login URL to be changed.
thanks a lot:D I´m helping a friend her site is constantly under brute force attack, this help I think thanks so much^^
Glad to help!
Thanks Andy for this tutorial. I have used this plugin in my site and it works perfectly. It will definitely help others. I will also share this with my friends so that they will also get benefit from it.
Glad it helped James!