Keeping a WordPress website safe should be the top priority to every site owner. The more popular WordPress gets, the easier it is to be targeted by cyberpunk. Among all the security loopholes, the login URL is one of the aims for hackers to attack. Therefore, making your login URL harder to find is the smart way to enhance the site security.
In this article, we’re showing you the 3 best free plugins to change the login page URL for your WordPress website.
How to Find Your Login Page URL
Every time you access the backend of your site to edit a post or install a plugin, you have to go through a WordPress login page. After signing in, you can access and manage everything from the dashboard. It seems familiar to you, doesn’t it?
By default, everyone can find your WordPress website’s login URL by adding /admin/ (e.g. www.yoursite.com/admin/) or /login/ (e.g. www.yoursite.com/login/) at the end of the website’s URL. It then will redirect them to the login page.
If you cannot access the login page using the above method, there is another way to reach your login page. You can add /wp-login.php at the end of the URL, similar to this example: www.yoursite.com/login/wp-login.ph/
You only need a username and password to access the backend of your site. However, beware of hackers and cyberthieves – they’re everywhere. And your site always has the potential to be targeted.
So what can you do to protect your site and its valuable content? Yes, you should change your login page URL at least.
Why Changing Default WordPress Login Page Boosts Site Security
You may think to yourself, “No one knows my passwords. Why care?” Let us point out all the reasons why it’s worth caring about.
The default login URL is too easy to find, hence it could be accessible by anyone with the login credentials if you don’t change it. Changing the login page address will make it difficult for most to access, except you – the site owner. It will also help reduce the risk of your website being hacked.
What if you have a strong username and passwords, do you need to change the default login page URL? Absolutely yes.
“A fair booty makes many thieves.” Never inadvertently elicit hackers to attack your website when they even do not have the intention. If hackers keep trying to log into your site many times, they could face a lockout.
You might know some methods to change your login page URL manually. However, there could be some potential risks. In this article, we recommend you using plugins for a quick and safe process.
WPS Hide Login
The most common and probably easiest way to change your WordPress login page URL is using a free plugin like WPS Hide Login. It is actively used by more than 800,000 users and rated 4.9 out of 5 stars.
So how can we make use of it?
Once you download and activate the plugin, all you need to do is:
- Go to Settings > General.
- Scroll down to see the WPS Hide Login area.
- Type the new URL depending on your needs.
- Login URL field: input your new Login URL path.
- Redirection URL field: input a specific URL where users will be redirected to.
- Click on the Save Changes button.
This new URL allows you to access your login page by adding it into the field after your domain name. We highly recommend that you use something random, such as a complex of alphabets and numbers. Just make sure you store it in a safe place, then no one can find and take advantage of it.
Another considerable choice for you to change the login page URL is the iThemes Security plugin. Although it has a bunch of great features, we focus on it for this purpose alone.
Receiving 4.7 out of 5 stars rating, iThemes Security is a plugin that is worth a try.
After installing the plugin, follow the instructions below to change your login URL.
- Click Security > Advanced > Hide Backend.
- A pop-up will show. On this page, edit the login URL as you want.
- Save Settings.
That’s all to it.
Change wp-admin Login
A rookie is going to be mentioned here. First launched one year ago, Change wp-admin login has got more than 30,000+ active installations and received a 4.8 out of 5 stars rating.
It allows you to easily and safely change the login page URL to anything you want. It does not rename or change files in the core. It simply intercepts page requests and works on any WordPress website.
After installing the plugin, take these easy steps to secure your site.
- Go to Settings > Permalink, scroll down to find the Change wp-admin login field.
- Then type in the login URL and redirect URL as you wish.
- When you are happy with the results, scroll down, and hit Save Changes.
Important Things You Should Know
Before you select which plugin to use, there are 2 things that you need to know.
First, whenever you set the new login URL, you cannot access the old ones. Therefore, please make sure that you store your new URL carefully or remember it at least. No one wishes to be locked from his own website, definitely.
The second point is that right after you uninstall the plugins, all your databases will resume without any changes. The login URL will return to the default one as stated at the beginning of the article.
Improving security for your website is the most important mission. Already you should have realized that changing the WordPress login URL is one of the best practices for security. Surely, you will love how easy it is to use the plugins recommended above.
Hope you find this article helpful to manage and protect your WordPress site better. If you have anything to share, please let us know in the comment section below.