WordPress Custom Login Url For Better Security

wordpress custom login url
When optimising your WordPress site for better security performance, WordPress custom login url should be put to consideration.

WordPress being widely used by so many people with all sorts of plugins, has tons of security vulnerabilities.

Why WordPress Custom Login URL?

Before i would be stating the process, let take a look at my reasons for customizing my login url.

Protect Against Brute Force Attacks

I believe this is one of the main reasons webmasters change the url of their WordPress site– changing login URL protects against the most common type of website security breach, a brute force attack.

Brute force attacks involve exhaustive “guessing” of login credentials until the correct combination is found. This means a brute force attack needs suggest three variables to succeed:

  • Username – don’t choose names, like “admin.”
  • Password – avoid cheap password, and make use of strong ones. for instance, house1 looks simple, but [email protected]# is strong enough.
  • Your login URL – A channel to your WordPress dashboard.

In other words, when you continue to use the default login URLs, wp-admin and wp-login, you leave yourself more vulnerable – a hacker only needs your username and password to access your site. When you change your login URL, you are making the bad guys work significantly harder.

It’s also worth pointing out that, even if an attacker can’t correctly crack your login credentials, they can still use a lot of bandwidth in their attempts. Moving your login page combats this problem.

2. Hides WordPress Vulnerabilities


By changing your login URL, Most people won’t know your website is powered by WordPress , thus distancing yourself from any known vulnerabilities. This alone won’t keep you safe, of course, but it’s an easy place to start.

Steps To WordPress Custom Login Url

WordPress Admin directory is /wp-admin/  and this is used to login WordPress dashboard. The problem with this is that a bots or a hackers at first visit to your website, would scan these when looking for vulnerabilities and entry points into your site. One of my website has about 17,000 login attempt.

Follow my steps below, To install and configure the free plugin i use in changing my WordPress login url.

Step 1

Visit your WordPress dashboard Then click “Plugins” and “Add New.”

wordpress plugins add new

Step 2

“WPS Hide Login” is the plugin name you would be searching and click on “Install Now.” You can also download WPS Hide Login from the WordPress repository. The reason am recommending this plugin is that, It doesn’t require much space or much technicalities  “no hands on.htaccess file”..

wps hide login

Step 3

Click on “Activate Plugin.”

activate hide login url

Step 4

Under “Settings” click into “General.”

wordpress settings general

Step 5

The plugins settings is below others and you will see a new “Login URL” field. Input something creative that you can both remember and nobody will be able to guess. Then press “Save Changes.”

wordpress custom login url

The next time you login you will need to use your customized login URL in your browser.

wordpress custom login url
I have being using this plugins on my WordPress site and it has been working fine. If you do have any problems, Kindly make use of the comment box below.

About the author

Pius Tolani

A Webmaster, online researcher, tech lover and web designer "expert". I love to explore new things and share The knowledge on my blogs.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.