How to hide /wp-admin/ URL and increase security of your WordPress website

How to easily change the /wp-admin/ login URL using WPS Hide Login which is a super light plugin. Secure your site in a few seconds!

How to hide WP Admin

If you have used WordPress at least once, you know exactly how to access the admin login of any WordPress website, you just add /wp-admin/ at the end of the URL and there you go. Bots and hackers also know this of course, so we recommend changing the wp-admin URL to something else, something that only you know.

In this post, I will guide you through one of the easiest way to change the wp-admin URL, we will be using the plugin WPS Hide Login.

WPS Hide Login Description:

WPS Hide Login is a super light plugin that lets you easily and safely change the url of the login form page to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.

COMPATIBILITY

Requires WordPress 4.1 or higher. All login related things such as the registration form, lost password form, login widget and expired sessions just keep working.

It’s also compatible with any plugin that hooks in the login form, including:

  • BuddyPress,
  • bbPress,
  • Limit Login Attempts,
  • and User Switching.

It doesn’t work with plugins or themes that hardcoded wp-login.php. It works with multisite, but not tested with subdomains. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.

If you’re using a page caching plugin other than WP Rocket, you should add the slug of the new login url to the list of pages not to cache. WP Rocket is already fully compatible with the plugin.

For W3 Total Cache and WP Super Cache this plugin will give you a message with a link to the field you should update.

Installation Steps:

  1. Open your WordPress site and login to WP Admin
  2. Click Plugins then “Add New”
  3. Search for Install WPS Hide Login and install and activate the plugin
  4. The page will redirect you to the settings. Change your login url there.
  5. You can change this option any time you want, just go back to Settings › General › WPS Hide Login.
The WP Admin URL is now changed from example.com/wp-admin/ to example.com/secretlogin/

Write down the new login URL somewhere safe.

What if I forget my login URL?

Either go to your MySQL database and look for the value of whl_page in the options table, or remove the wps-hide-login folder from your plugins folder, log in through wp-login.php and reinstall the plugin.

If your website is hosted on templ.io, just contact us and we will help out.

Comments

    1. Hi there,

      Sure it’s possible to do but requires some tailored code to do. I don’t know of any existing plugins that will do this for you.

      Regards,
      Karl

  1. Even if you hide your wp-admin from someone, It will not prevent from hackers to get your url that you generated .

    Hackers can do something called : dirb .
    They can read pages that you think is hided.
    It’s a web content scanner

    Command with linux , with DIRB tools :

    Dirb ( url of your website ) .
    * Without the brackets.*

    Thanks. For more question email me at : ichavannes@outlook.fr

  2. I’ve been using another plugin to get the same goal (hide the wp login), but it makes my site runs slowly.

    Do you think WPS Hide Login can be better about the site load ?

    1. WPS Hide Login should not slow down your site, so if you’re having issues with the other plugin you can try WPS instead and see if it works better for you. 👍

  3. WPS Hide plugin, unfortunately is not compatible with WordPress 5.9. Even the WordPress repository says it is untested with the current version of WP. It is a shame that I need to find another plugin for this and fast. I hope they update the plugin soon. It is really good, but at the moment, useless.

    1. I haven’t tested WPS Hide Login on WordPress 5.9 myself, but I hope the developers will be able to resolve any issue causing problems quickly.

      In the meantime, you might want to consider sticking to 5.8.3.

      // Emanuel @ Templ

Leave a Reply

Your email address will not be published. Required fields are marked *