<\/hr><\/div>\n\n\n\n
<\/hr><\/div>\n\n\n
Why it is important to have a WordPress login URL?<\/h2>\n\n\n\n
When a user freshly installed WordPress, he has access to the admin page, changes default settings, installs essential plugins, and adds a new theme. But to do all this stuff and customize your website without a WordPress login URL is next to impossible.<\/p>\n\n\n\n
This is the only link through which a user or other members can get easy access to the admin dashboard and manage it.<\/p>\n\n\n
<\/hr><\/div>\n\n\n
Why Should You Change or Modify the WordPress Login URL?<\/h2>\n\n\n\n
In order to enter the WordPress admin panel, as a rule, you add wp-admin to the website address. In that case, the link looks like the following: http:\/\/example.com\/wp-admin. [ This is a sample WordPress Login URL]<\/p>\n\n\n\n
Using this link, absolutely anyone can go to the page and admin panel and try to access your site. They can use brute to collate the login and password. We can say that using the default WordPress login URL can be dangerous for your site’s security.<\/p>\n\n\n\n
When you enter http:\/\/example.com\/wp-admin<\/strong> in the browser address bar, WordPress redirects<\/a> you to http:\/\/example.com\/wp-login.php<\/strong>. That’s how WordPress Login URLs generally behave while you try to sign in. There, you can try to enter the correct password. The various bots use the same address to attack your site. As a result, it takes your site’s resources and overloads them.<\/p>\n\n\n\n Now you might be thinking How to avoid that? The simplest solution is to change the WordPress login page.<\/p>\n\n\n\n Additionally, when you are allowed to register on the site, it means your visitors have access to the login page and then you need to monitor all those who can access the site. In this particular situation, one of the possible solutions you can try is to close the registration for the users.<\/p>\n\n\n\n In that case, only you will have access to the login page. The bottom line of the method is to change the WordPress login URL.<\/p>\n\n\n\n If you allow registration, then, of course, visitors will know this address, but the bots that are configured for standard pages will disappear immediately. If there is no registration, no one else will be able to access the page.<\/p>\n<\/div><\/div>\n\n\n\n After installing WordPress, you will have two default WordPress login URLs “mydomain.com\/wp-admin<\/strong>” and “mydomain.com\/login<\/strong>“<\/p>\n\n\n\n Or you can simply add “Wp-admin” or “login” at the end of your website URL provided by “\/”<\/strong>.<\/p>\n\n\n\n However, there are at times when these login URLs do not work, then you can choose the fourth option given below:<\/p>\n\n\n\n Do not forget to remove “mydomain<\/strong>” with your own website domain name. We took the above domain as an example for a better explanation.<\/p>\n\n\n\n The above WordPress Login URLs can only work for new installations, but what if you have installed WordPress on the Subdirectory or Subdomain of your Website? <\/p>\n\n\n\n For WordPress installed in Subdirectory<\/strong>, Use these WordPress Login URLs<\/p>\n\n\n\n If WordPress is installed in Subdomain<\/strong>, Use the below WordPress login URLs<\/p>\n\n\n\n All of these WordPress Login URLs direct you to the admin page, no matter which Login URL you choose. It is better you keep this Login URL bookmark on your browser or save it on your website in case you cannot remember it.<\/p>\n\n\n\n First of all, you need to log in to your WordPress dashboard.<\/p>\n\n\n\n Go to Your WordPress Admin dashboard.<\/p>\n\n\n\n Let us learn some of the best methods to change or modify the WordPress Login URLs in the below sections. <\/p>\n\n\n\n First of all, you will need to get access to your website’s root folder via an FTP client, such as FileZilla. You will be able to find the login information in your hosting account control panel, or by contacting tech support. Use one of the FTP file managers to access the site. The most popular ones are FileZilla and Total Commander.<\/p>\n\n\n\n When you find the site, download it to your local drive and then open it in any text editor. The simplest option is the standard Notepad. Add the following code at the bottom of the file:<\/p>\n\n\n\n To make everything work, you need to replace several elements. They meet several times, so be careful.<\/p>\n\n\n\n Now the login page will be available at yoursite.com\/custom_admin_url, for example – example.com\/control_panel.<\/p>\n\n\n Note:<\/em> <\/strong>This method only works on Apache servers and does not work for Nginx servers.<\/em><\/p>\n\n\n There is another way to change the URL, and its bottom line is to change the file name. First, we completely block access to wp-login.php. To do this, add the following code to the .htaccess file<\/a>:<\/p>\n\n\n\n Now in the website root folder, find the wp-login.php file and make its copy. You need to rename the copy, for example, mylog.php. Then we open a new mylog.php and change wp-login.php to mylog.php in it. Now, to enter the website login page, you will have to use example.com\/mylog.php.<\/p>\n\n\n\n Perhaps, after the WordPress update, if the content inside changes, you will have to repeat the procedure. But until the code remains the same, everything will work.<\/p>\n\n\n\n Now when someone tries to go to the old addresses, they will be redirected to a 404 error<\/a> page. You can only log in using the new link.<\/p>\n\n\n\n In order to change the WordPress login URL, you will need a file that is responsible for displaying the form to access the panel. It is called wp-login.php. You will have to access the site via FTP and download the file to the local drive. When you copy it to the computer, rename it. Choose a convenient to-use name. Make it quite difficult and avoid too simple names. Let\u2019s call it website_control.php (it’s not necessary to give the file this name, you are free to choose any).<\/p>\n\n\n\n Now, open the file using any code editor like Notepad ++ or VS Code. Replace the old file name (wp-login.php), with the new file name (in our case, it\u2019s website_control.php).<\/p>\n\n\n\n In total, you must have 12 replacements. Then save and upload the file back to the hosting.<\/p>\n\n\n\n Now you can log in to the admin panel at http:\/\/example.com\/website_control.php<\/strong>. But, the old pages \u2014 http:\/\/example.com\/wp-admin<\/strong> and http:\/\/example.com\/wp-login<\/strong> \u2014 are still available. This means that we need to block access to the admin panels with old addresses.<\/p>\n\n\n In order for no one to access the old addresses to enter the control panel without a 404 error, you will just need to configure the redirect.<\/p>\n\n\n\n For this, we need to open the functions.php file. Before you start, make a backup copy of functions.php<\/p>\n\n\n\n Open the WordPress admin panel using the new address, then go to Appearance \u2014 Editor \u2014 Theme functions. Scroll down to the bottom of the file. And in the end, insert the following code:<\/p>\n\n\n\n Redirect from wp-admin:<\/strong><\/p>\n\n\n\n After that, the website will be redirected from http:\/\/example.com\/wp-admin to http:\/\/example.com.<\/p>\n\n\n\n Redirect from wp-login:<\/strong><\/p>\n\n\n\n There will be the same redirect from http:\/\/example.com<\/a>\/wp-login.php to http:\/\/example.com<\/a>.<\/p>\n\n\n\n Redirect while leaving the admin panel:<\/strong><\/p>\n\n\n\n The latter code will clean all the junk code while the registered users leave the site.<\/p>\n\n\n\n There are WordPress plugins that can help you manage your WordPress Login URL. We are sharing the best one to assist you with this.<\/p>\n\n\n\n
<\/hr><\/div>\n\n\nHow to Find Your WordPress Login URL?<\/h2>\n\n\n\n
mydomain.com\/wp-admin
mydomain.com\/login
mydomain.com\/admin<\/strong><\/code><\/p>\n\n\n\nmydomain.com\/wp-login<\/strong><\/code><\/p>\n\n\n\nwww.mydomain.com\/wordpress\/login\/
www.mydomain.com\/wordpress\/wp-login.php<\/strong><\/code><\/p>\n\n\n\nsubdomain.mydomain.com\/login\/
subdomain.mydomain.com\/wp-login.php<\/strong><\/code><\/p>\n\n\n
<\/hr><\/div>\n\n\nHow to remember WordPress login URLs to get quick access?<\/h2>\n\n\n\n
Saving Login URL on the Menu section of your Website<\/strong><\/h3>\n\n\n\n
\n
![\"Saving](\"https:\/\/www.wpoven.com\/blog\/wp-content\/uploads\/2021\/05\/Screenshot_37-1-1024x417.png\" "\\"Find")
Saving the Login URL on the Footer section of your website<\/strong><\/h3>\n\n\n\n
\n
![\"Saving](\"https:\/\/www.wpoven.com\/blog\/wp-content\/uploads\/2021\/05\/Screenshot_13-1-1024x481.png\" "\\"Find")
<\/hr><\/div>\n\n\nHow to Change or Modify WordPress Login URL?<\/h2>\n\n\n\n
\n
1. Changing the .htaccess file<\/strong><\/h3>\n\n\n\n
# BEGIN Hide console URL
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^custom_admin_url\/?$ \/wp-login.php?your_secret_key [R,L]
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^custom_admin_url\/?$ \/wp-login.php?your_secret_key&redirect_to=\/wp-admin\/ [R,L]
RewriteRule ^custom_admin_url\/?$ \/wp-admin\/?your_secret_key [R,L]
RewriteCond %{SCRIPT_FILENAME} !^(.*)admin-ajax\\.php
RewriteCond %{HTTP_REFERER} !^(.*)yoursite.com\/wp-admin
RewriteCond %{HTTP_REFERER} !^(.*)yoursite.com\/wp-login\\.php
RewriteCond %{HTTP_REFERER} !^(.*)yoursite.com\/custom_admin_url
RewriteCond %{QUERY_STRING} !^your_secret_key
RewriteCond %{QUERY_STRING} !^action=logout
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{QUERY_STRING} !^action=postpass
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^.*wp-admin\/?|^.*wp-login\\.php \/not_found [R,L]
RewriteCond %{QUERY_STRING} ^loggedout=true
RewriteRule ^.*$ \/wp-login.php?your_secret_key [R,L]
<\/IfModule>
# END Hide console URL<\/strong><\/code><\/p>\n\n\n\n\n
<\/hr><\/div>\n\n\n
<\/hr><\/div>\n\n\n<Files wp-login.php>
Order Deny, Allow
Deny from all
<\/Files><\/strong><\/code><\/p>\n\n\n\n2. Editing the wp-config.php file<\/strong><\/h3>\n\n\n\n
<\/hr><\/div>\n\n![\"WPOven\"](\"https:\/\/www.wpoven.com\/blog\/wp-content\/uploads\/2022\/09\/CTA_new_design2.png\" "\\"\\"")
<\/a>
<\/hr><\/div>\n\n\n3. Set up a redirect from WP-Admin and WP-Login<\/strong><\/h3>\n\n\n\n
![\"WordPress](\"https:\/\/www.wpoven.com\/blog\/wp-content\/uploads\/2022\/05\/WordPress-login-edit.png\" "\\"\\"")
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) &&
! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
wp_redirect( home_url() );
exit;
}
}<\/strong><\/code><\/p>\n\n\n\nfunction redirect_login_page() {
$page_viewed = basename($_SERVER['REQUEST_URI']);
if( $page_viewed == \"wp-login.php?pass=1\" ) {
wp_redirect( home_url() );
exit;
}
}
add_action('init','redirect_login_page');<\/strong><\/code><\/p>\n\n\n\nfunction logout_page() {
$login_page = home_url( 'wp-admin' );
wp_redirect( $login_page . \"?loggedout=true\" );
exit;
}<\/strong><\/code><\/p>\n\n\n\n4. Using WordPress Plugins to Hide or Manage Your WordPress Login URL<\/strong><\/h3>\n\n\n\n
WPS Hide Login <\/strong><\/h4>\n\n\n
![\"WPS](\"https:\/\/www.wpoven.com\/blog\/wp-content\/uploads\/2021\/05\/Screenshot_14-1-1024x334.png\" "\\"\\"")