There are many websites are running on WordPress. As you know that WordPress is the most powerful content management system (CMS), there are high chances that hackers can attack on the websites which are running on the WordPress. So if you are having website on WordPress platform then you must be worried about its security. Due to the popularity of the WordPress platform, some hacker tries to attack on this platform. So you need to take some steps by which you can prevent from this attacks. The most common type of attack is brute force attack. In this attack, the hacker will apply random combination of username and password on your login page unless and until he gets desired result. WordPress comes with default login URL. So by changing this default login URL with custom login URL, we can save our website from any attack.
During the process of WordPress installation, WordPress creates two default URLs for login. These URLs are
I am sure that you must be using one from the above-mentioned URLs. So every person who has knowledge on WordPress must know that what the login URL is. So there are chances that hackers can attack on your website using this URL. But if you change this default URL to custom login URL then only you know the login URL. So it may happen that attacker do not know the login URL and by this way you can make his work tough.
Why you need Custom Login URL?
1. Prevent against brute force attack
Brute force attack is very common type of security attack. In this attack, the attackers try to crack your security via login page. The main aim of this type of attack is to take control over the admin area of the website. To do this hacker needs the below mention things:
- Login URL: This is the URL by which he can enter into WordPress dashboard. You can create custom login URL to prevent from attack.
- Username: You should not choose the username as admin, administrator or root because it is very easy to guess.
- Password: You must set very difficult password for login.
2. To hide the use of WordPress
By creating custom login URL, you can hide the use of WordPress. Attackers cannot easily know the backend of your website. But this is not that much accurate. There are many tools and methods available by which anyone can check the backend of any website. But by creating custom login URL, you are creating more problems for attackers.
So now you should have basic understanding on why should you change default login URL. So let’s see how you can change the default login URL and how you can create your custom login URL in WordPress.
How to create custom login URL?
There are many plugins available in WordPress which will reduce our work. To create custom login URL, we also can use many plugins. We will see one such plugin in this post. I will explain each and every step by which you can configure this plugin. You can use any of the plugin.
WPS Hide Login Plugin: This is very lightweight plugin which allows you to create custom login URL. This plugin will not delete default URL. It just makes them inaccessible so all the users will access the admin area via new URL. If you want to use the default login URL then you need to delete this plugin.
To activate this plugin go to plugins–>Add New–>Search for WPS Hide Login. This will be the first plugin when you search for it. Install this plugin and then activate this plugin.
Once you hit activate button you are not able to access the default login URL. This plugin will block default login URL which are wp-login.php and wp-admin.php. The default URL by this plugin is www.domainname.com/login. So if you locked out then you can use this URL to access login area. Once you change this default URL and create your custom login URL, you need to remember it. If you forgot it then you cannot be able to access your dashboard. So once you changed your login URL, write down the new URL somewhere. So if you forgot URL, you can see it from your note.
Now to create desired URL, you need to go to settings–>general. In general setting, go to the end of the screen. At this place you must be able to see WPS hide login section. In the blank field of that section, write your desired URL and then hit the save changes button.
So now, you have changed the default login URL to custom login URL. Now logout from your admin area and try to access the new URL. Hopefully, now you will be able to login with new URL. If you try to access old URLs then they will show page not found error (404).
So by this way, you are able to change the default login URL. Now, remember this new custom login URL and use it to access your admin area.
Over to You
There are many ways by which you can hide the default URL and use of WordPress. By these ways, we cannot prevent from attacks 100%. We only can make these attacks tough for any hackers. To prevent from any attacks totally, we need to use some paid tools and services. Along with those tools, you should use secure and reliable hosting. The above-mentioned method is very easy and it takes 2 to 3 minutes to configure the plugin. So do apply this method and see the result.
If you like this post then shares it with your friends and helps them to create custom login URL and prevent from any attacks. I would like to hear your views on this new URL. So feel free to comment.