Changing your WordPress login URL is an important security measure that helps buttress the security of your website, and by doing so, you are adding an extra protective layer to your site.
Hackers and malicious attackers know that every WordPress site has a default login URL which can either be yourwebsite.com/wp-admin or yourwebsite.com/wp-login gives them an easy entry to your site because the chances that they can easily guess your password is high.
We’ll be walking you through the step-by-step method of how you can change your WordPress login URL, and the most interesting part is that you don’t need to be a tech expert to change your WordPress login. With this guide, you can easily change your WordPress login URL in minutes.
How to change your WordPress login URL
Here are four steps you can follow to change your WordPress login URL.
Step 1: The first step is to install and activate the “WPS hide login plugin” because we will be using this plugin for this demonstration. If you don’t know where you can find the “WPS hide login plugin” here’s how to find it.
- Go to your WordPress dashboard
- Navigate to the “Plugins” section, and check on the “Add new” button.
- Next, In the search bar, search for the WPS hide login plugin.
Once you have found it, the next step is to check to know its compatibility with your site.
Next is to click on the “Install Now” button to get started.
Once it has been installed, the next step is to “Activate” the plugin. To do this, click on the “Activate” button.
Note: Before installing a plugin on your site, especially when you want to create a new WordPress login URL for your site, make sure you have a full backup of your site. This is to ensure that if anything goes wrong, you can easily recover your site with the backup you already have, but not to worry this plugin isn’t going to be a problem for your site.
To back up your site, follow these steps.
You can back up your site through several methods, but we will be showing you one method in which you can back up your WordPress site.
Backup through cPanel or Hosting Control Panel
1. Log in to your cPanel or hosting control panel
2. Navigate to the file manager section
3. Create a full backup of your website, including database and files
4. Download the backup files to your computer and save them. Here you can easily retrieve it.
Step 2: Configuration of the plugin: Once you are done with the installation and activation of the WPS hide login plugin, you need to configure the plugin before you can change your WordPress login URL.
To configure the plugin;
Go to “settings” then click on “General”
Scroll down to the “WPS hide login” section to configure your new login URL site.
You need to configure your new login URL and redirect URL. In the login, URL enter your desired custom login URL, and make sure it's something you can remember, make it unique and hard to guess. In the redirect URL, you can decide to send your visitors to any page you want, or you can decide to send them to a 404 page.
Once your custom login URL and redirect URL has been successfully set up, click on the “Save”: button to save your changes, after which your new URL will be working.
Step 3: If you have multiple registered users who have access to your login page, then you need to update all your bookmarks, and email the new URL to avoid any problems.
Step 4: Once done, you need to test your new login URL to make sure it's working well. To do this, you need to sign out and sign in to your WordPress site, then try logging into your WordPress site using your old login URL to see if it's still in effect or if it's redirecting you to a new URL. Go to your new login URL and enter your details to log in to your site.
How to create a custom login URL in WordPress
There are several reasons why you need to create a custom login URL. First is the security it offers and the second is the customization it gives your brand.
To create a custom login URL in WordPress follow the steps below;
Step 1: you need a plugin. There are several plugins that you can use, but we will be using the "WPS hide login" plugin.
Step 2: Look for the "WPS hide login" on your WordPress search bar, when you find it click on install, after installation click on active to activate the plugin.
Step 3: Once the activation process is complete, go to "Settings" on the WordPress dashboard then click on "WPS Hide Login," there you will see a section where you can create a custom login URL, enter the custom login URL of your choice, in the "Login URL" box provided. Avoid using common names like "admin, or login" because hackers can easily crack your login details and penetrate your site.
Step 4: In the "Redirection URL" box add 404. You'll need to save your changes. To do this Click on the "Save changes" button.
Step 5: Once your custom login URL has been all set up, you'll need to test the custom URL. You can test your URL by logging out of your WordPress account, then login back in again using your custom WordPress login URL. You will be redirected to your login page where you'll need to add your login username and password.
Why you need to change your WordPress login URL
Security is one of the major reasons why you need to change your WordPress login URL. Regardless of the fact that WordPress is a popular website that uses a content management system, it's still vulnerable to hackers because most of its users don't know or have the necessary skill to protect their site from malicious attackers. Your WordPress URL is one of the major things most hackers and attackers target, if they can have access to it, then attacking your site isn't hard.
Changing your WordPress URL is like adding an extra protective coating to your site to protect it from unauthorized access. This makes it harder for hackers to access your site. Hackers can easily penetrate your site, especially when they know the site's login URL, with this, they can easily crack up your site's username and password, and BOOM! They are already on your site.
Apart from changing your WordPress URL for security reasons, most people can also do this for branding reasons, but our main focus here is changing your WordPress URL for security reasons. Your sites' security should be your top priority, as you won’t want to lose all you have worked hard for in past years to hackers.
Below are five reasons why you need to change your WordPress login URL.
1. Reduce bot traffic: there are bots whose aim target is the default logins of URLs of many websites. These bots can be a huge threat to your site, as they attack with brute force, causing damage to your site. Changing your site's URL can help overcome some unnecessary bot traffic invasion to your site, thereby making it hard for hackers to crack its details.
2. Protect your admins account: changing your WordPress login URL will help to conceal or protect your admins account. Most attackers target the admin account because with this account they can have huge access to your site, then they can control all activities going on the site. This can cause a huge havoc to your site, and also irreparable damage. Changing your WordPress login URL can make it harder for these malicious attackers to access your admin account. Reducing the risk of unauthorized access.
3. Enhance website reputation: users won't love to give out their personal information when they know that their details are at risk of attack. Your website security plan plays a major role in building the trust and credibility of your audience. You need to take the bull by the horn and ensure that your user's sensitive information is protected. To take the protective measure to secure your website from attackers, you need to make your users feel their personal information is safe and free from unauthorized access. You need to show them that you are committed to protecting their details by changing your WordPress login URL, making it free from unauthorized access. This can enhance your website's reputation.
4. Protection against hackers: changing your WordPress login URL can help keep persistent hackers away. This makes it more difficult for attackers to penetrate your website login URL. You can also make it more challenging for hackers to access your website by using a strong password that will be easy for you to remember but difficult for hackers to crack, changing your WordPress URL, enabling two-factor authentication, and regular site updates.
5. Discourages script kiddies: Script kiddies are considered inexperienced hackers that use automated tools for their operation. They have no deep knowledge or understanding of hacking and its techniques. These script kiddies are known to be amateur hackers and you can get rid of them easily by changing your WordPress login URL. This is because changing your site's login URL will confuse them, thereby discouraging them from making any further efforts on your site. These script kiddies focus mainly on the predictable URLs, therefore changing your site's login URL sends them a clear message that the site is well protected and hence impenetrable.
With the above few reasons, one can boldly say that securing your WordPress is a very important step to enhance your site's resistance to attack. By changing your WordPress URL to a custom unique URL, you are setting your site up for success, thereby also enhancing your site's reputation.
Importance of securing your WordPress website from potential hacking attempts
There are so many reasons why securing your WordPress login URL is very important. As said earlier, it reduces the risk of havoc on your site. It prevents unauthorized access to your site.
The vulnerability that comes with leaving your WordPress default login URL, such as either yourwebsite.com/wp-admin or yourwebsite.com/wp-login
Making it easier for hackers to penetrate your site and so away with some sensitive data you have. Protecting your site against malicious attackers is vital to protecting your visitors and the site's reputation. If your audience finds out that their information is at risk, you will not only lose your brand's reputation, but also you will lose the trust of your audience to your competitors.
Here are the major importance of securing your WordPress login URL from potential hacking attempts.
1. Your customers deserve to be protected: A fence is built around the house to prevent strangers from accessing the house, now when a gate is added, together with a security guard, this is done to protect the house, from unauthorized access, so that its owners and everyone living in that building feels protected and secured. The same goes for your website. If your audience does feel that your website isn't secure enough, and the chance of thieves breaking in at any time is high, they will likely withdraw from your site.
It's essential that you work towards building your site security because it's very important, especially if you are running an eCommerce store. You'll need to ensure that you change your WordPress login URL to enhance your site's security.
2. It keeps attackers and hackers away: if you don't pay adequate attention to your site's security, then you are given attackers and hackers a green card to penetrate your site, and when they do that they infect your site, steal some sensitive and vital information, and possibly take your site offline. Just like when there is a disease invasion to a body, of course, the body doesn't remain the same. The same thing goes with when a hacker successfully gets into your site.
3. It enhances your site's reputation: if visitors observe that your site is always prone to attack, it will reduce your website reputation, and you will in turn lose your potential customers to your competitors. Changing your WordPress login URL is crucial as it reduces attacks and builds up your brand reputation and customer trust.
4. It enhances website security: This is the number one reason why you'll need to change your WordPress login URL. With the increase in cyber threats, you need to be completely prepared for whatever they may bring to the table. By employing this security measure of changing your WordPress login URL, you are sending out a message to hackers and malicious attackers that your site is completely protected and secured, therefore they should back off. This defense will keep attackers and hackers away.
Changing your WordPress login URL is important if you want to build a strong presence online. It keeps hackers and malicious attackers away, enhances your site's security, builds up trust and reputation, and discourages script kiddies. With the above steps, you can successfully change your WordPress URL and keep your site safe and secured.
- Here's a list of the best website builder services on the market
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Kenneth is a freelance tech writer who's been in the sector for three years. He loves writing about new technology, focusing on web hosting, streaming, cybersecurity, and how it can benefit people's lives.