WordPress being widely used by so many people with all sorts of plugins, has tons of security vulnerabilities.
Why WordPress Custom Login URL?
Before i would be stating the process, let take a look at my reasons for customizing my login url.
Protect Against Brute Force Attacks
I believe this is one of the main reasons webmasters change the url of their WordPress site– changing login URL protects against the most common type of website security breach, a brute force attack.
Brute force attacks involve exhaustive “guessing” of login credentials until the correct combination is found. This means a brute force attack needs suggest three variables to succeed:
- Username – don’t choose names, like “admin.”
- Password – avoid cheap password, and make use of strong ones. for instance, house1 looks simple, but [email protected]# is strong enough.
- Your login URL – A channel to your WordPress dashboard.
In other words, when you continue to use the default login URLs, wp-admin and wp-login, you leave yourself more vulnerable – a hacker only needs your username and password to access your site. When you change your login URL, you are making the bad guys work significantly harder.
It’s also worth pointing out that, even if an attacker can’t correctly crack your login credentials, they can still use a lot of bandwidth in their attempts. Moving your login page combats this problem.
2. Hides WordPress Vulnerabilities
By changing your login URL, Most people won’t know your website is powered by WordPress , thus distancing yourself from any known vulnerabilities. This alone won’t keep you safe, of course, but it’s an easy place to start.
Steps To WordPress Custom Login Url
WordPress Admin directory is /wp-admin/ and this is used to login WordPress dashboard. The problem with this is that a bots or a hackers at first visit to your website, would scan these when looking for vulnerabilities and entry points into your site. One of my website has about 17,000 login attempt.
Follow my steps below, To install and configure the free plugin i use in changing my WordPress login url.
Visit your WordPress dashboard Then click “Plugins” and “Add New.”
“WPS Hide Login” is the plugin name you would be searching and click on “Install Now.” You can also download WPS Hide Login from the WordPress repository. The reason am recommending this plugin is that, It doesn’t require much space or much technicalities “no hands on
Click on “Activate Plugin.”
Under “Settings” click into “General.”
The plugins settings is below others and you will see a new “Login URL” field. Input something creative that you can both remember and nobody will be able to guess. Then press “Save Changes.”
The next time you login you will need to use your customized login URL in your browser.