Creating a website by using WordPress is a good idea for new bloggers. WordPress gives a simple and easy installation with just one click. You can use thousands of paid/free WordPress themes for your website. When you install WordPress, you access your admin dashboard by using the default URLs that WordPress provides you, right?
Well, the WordPress website allows the newbie websites to log in to their dashboard using by-default URLs:
You can access your admin dashboard simply by typing the above URLs. So, is it the best practice to secure your WordPress website from hackers? Does it give 100% security from brute attackers? Did you ever think about your site’s security?
So all these questions generate a single question; How to secure a WordPress site from hackers?
However, in this guide, I am going to show you that how can you secure your admin login page by changing its path to a custom URL.
Why do I change the WordPress Login URL?
The URL path is very common for WordPress websites because everyone knows the default path to the website. There are bad guys who are always trying their best to get access to a login of your site. Even a strong username and password can protect your site, but it’s not enough.
Brute attackers, bots, and malicious hackers are everywhere and use hacking efforts by guessing and generating lists of common names and passwords. They use scripts to automate the process of fetching the correct username and password. Therefore, it is very easy for attackers to get your username and password by listing leaked URLs and passwords on the web. Once they get your dashboard access, they can trash your website.
You may like What Are Breadcrumbs?
How to set the custom login URL for WordPress site by a Plugin
So, now you will be aware of how dangerous the path to the default login URL is for your website. You can protect your website by putting custom login URL paths and we will do it by installing a WordPress plugin.
WPS Hide Login is a simple and free plugin that we use to change the default login URL to a custom URL. As it is one of the Best WordPress security plugins. It is a very common plugin as it has 1+ million active installations.
Follow the steps below to install and set up the WPS Hide Login plugin:
- Open your WordPress dashboard
- Click on Plugins > Add New
- Type WPS Hide Login in the search bar
- Install and Activate the plugin
- Open Plugins, scroll down to find the WPS Hide Login plugin and click on Settings
Once you install and activate the WPS Hide Login plugin, open your installed plugins, scroll down and access the WPS plugin. When you click on Settings, you will see the default login URL:
Now remove the login from the field and add the URL you want. Remember, you can only use the alphabet and numbers. You cannot use special characters. So combine the URLs alphabetically and numbers.
If you look at the picture, there is another field below the field above. This is a redirect field, which means that if someone tries to access the wp-admin or login page, you can redirect it to any URL of your site. But I would recommend that you leave this field by default (404).
After changing the login URL, press Save Changes, and you’re done!
Once you have changed the default login URL to a custom URL, open your admin profile, set a new password, and click the Log Out Everywhere Else. This will eliminate your site’s login session from anywhere. If you are still facing any issues to change the WordPress login URL to custom, then feel free to ask in the comment section.
Best of luck!