A hacker who wants to gain access to your WordPress site often tries to access the site’s login URL. Unfortunately, it’s pretty easy to find the login URL for any WP site.

In most cases, anyone can get this URL by adding / wp-admin to the domain name.

If your admin URL is so easy to find and you are using a guessed username and password, then your site is easy to hack. For example, some people use the default WordPress username “admin” . It’s just a matter of a few tries before a hacker guesses the password. As such, changing your WordPress login URL and using a hard-to-guess username and password will go a long way in preventing your site from being hacked.

How to change the login url?

Go to your browser and enter the following URL, replacing “mywebsite” with your actual website address:




Here’s what you will see

WordPress login page

This is how easy it is to access your website login page. You might argue, “I am using a very strong password and it is difficult to guess the username, should I still be worried?” – The answer is yes!

A hacker may not actually be interested in hacking your site, but he may “put” it down. And the way it will do it is by entering the wrong username and password many times. The more he tries, the more your site’s server resources will be depleted, and at some point the site will crash.

What to do? You can change the name of the default login pages, wp-login.php or wp-admin.

Keep in mind that while changing the default WordPress login url can improve security, this is not WP’s ultimate security advice. There are many more things you need to do to make your site more secure. 

 How to change the login url?

While there are several methods you can use to replace the default WordPress login, I’ll be using a plugin. And this is no accident.

If you try to make changes manually via FTP, you will succeed. However, technical problems may arise later. For example, if your site is updated to the latest version of WordPress, the login URL will automatically revert to its defaults. Then you will have to repeat this process again. Second, you may run into compatibility issues along the way.

Using WordPress plugins not only saves you these problems, but it is also a simple and straightforward process.

WPS Hide Login Plugin

I selected the WPS Hide Login plugin . It is one of the easiest to use.

First of all, back up your site. Next, install and activate the plugin.

Then go to Settings>> WPS Hide Login

WPS Hide Login Plugin

Scroll down to the bottom of the page. In the Login URL box, enter the desired suffix

WPS Hide Login Plugin

You can use just about any word, just make sure it’s what you can remember. This example has added the suffix “mywebsite” to the website url, thus replacing wp-login.php

Anyone trying to use wp-login.php or wp-admin with to access your login page will be shown a “404” page .

Finally, click the Save Changes button.

Checking the result

To check, re-enter www.mywebsite.com/wp-login.php in your browser. You will get an error like this:

404 error

If for any reason you decide to revert to the default login url, simply remove the plugin.

Also, the ability to change the url of the login page is in the functionality of the All In One WP Security plugin.

Write A Comment