How to change WordPress Admin URL to Protect Blog From Hackers

By |

When you install WordPress for the first time on your blog, then you will get an address to access WordPress administrator area. Wp-admin or wp-login is the address of administrator area of any WordPress site.

WordPress creates two default login addresses and by default address of your WordPress site is like this:

  •            wp-admin.Php 
  •              wp-login.php

This administrator area controls all the activity of a WordPress website i.e. Customization, writing the posts, Accepting Comments, Installation of plugins & theme etc.

During the process of installation of WordPress, you can choose username and password but WordPress doesn’t give any option to create a custom login URL.

So in this post, I am going to show you how you can change default WordPress login URL.

But before that, you should know Why changing wp-admin is a must for every Webmaster and Blogger.

Why do you need to change wp-admin URL of WordPress website?

Protecting your WordPress site from hacking is necessary. All hackers and WordPress user knew the initial address of WordPress administrator area.

They try many attempts with different username and password. This type of hacking attack is called Brute force hacking attack.

If you have not changed your WordPress admin URL then its like you have kept the door closed with a key in it.

How can you change wp-admin URL of WordPress Website Easily?

There are many free plugins that can help you to change WordPress admin URL.

In this post, I am going to talk about three best WordPress plugins that you can use to change WordPress administrator area’s address.

So here goes the list:

1. All In One WP Security & Firewall:Change Wp-admin url


All in One WP Security & Firewall plugin have 500000+ existing installs. This plugin is easy to use, stable and well supported WordPress security plugin.

One of its features is to change WordPress login URL or administrator area address of a WordPress website.

To change wp-admin Url follow these steps:

  • Open WordPress administrator area.
  • Click on WP security
  • Select Brute force.
  • Check Enable rename login page feature.
  • Now enter any string as shown below and save the settings.
    change wp admin url

This plugin provides many other security features:

  • User account management
  • Login lockdown option
  • User Registration
  • Database security
  • Filesystem security
  • WHOIS Lookup Information
  • Blacklist management
  • Brute force attack
  • Spam prevention
  • Security scanner

 2. WPS Hide Login:

WPS Hide Login is a very light plugin that lets you easily and safely change the URL of the login form page to anything you want.

It doesn’t  rename or modify the core files, nor will it add rewrite rules. It merely intercepts page requests and works on any WordPress website.

By using this plugin wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the URL. Deactivating this plugin brings your site back exactly to the state it was before.

3. Lockdown WP Admin:
Change wp admin url

LockdownWP Admin have  70000+ active installs. Lockdown WP Admin is easy, simple and open source software. It is also used to change wp-admin URL or administrator area address of a WordPress website.

When the user isn’t logged in this plugin will hide WordPress Admin (/wp-admin/). If a user is not logged in and he attempts to access WordPress Admin area directly then he will get a 404 Error.

This Plugin can also rename the login URL. This plugin doesn’t make any changes in  .htaccess files or in core files of WordPress.

All the CSS/Images under /wp-admin/ are  accessible, just not the .php ones.

End Notes:

Hiding/changing your WordPress login URL is very necessary.Many websites got hacked each day. By using these free plugins, you can easily change wp-admin URL of the WordPress website and made it more difficult for hackers.

Few tips to add an extra layer of security to your site:

  1. Don’t use Nulled/cracked Themes and Plugins.
  2. Switch over to Https.
  3. Use Hosting that provides quality service.
  4. Make Backups of your site.

I'm a WordPress Enthusiast & SEO Lover. I love to build website and rank them. I also love to share my knowledge and experience through means of blogging.

Leave a Comment