WordPress is used by 75 million websites all around the world. It is one of the best, simple and powerful CMS in the world. Well, due to that fact, hackers will try gaining access of your blog to redirect the users to another website, spread malware or anything they would like to do.
There are so many WordPress security hacks and WordPress security plugins are available for protecting a blog. One of the famous and simple ones is, hiding the WordPress login page.
And in this post, we are going to show you how you can hide the WordPress login page for security! The simple and beginner friendly tutorial for WordPress beginners!
Why Hide Login Page?
By default, anyone with a bit knowledge can access the WordPress backend by typing /wp-admin/ at the end of the URL. This will bring them to the WordPress login page.
Some folks would use some bots for bypassing the login page. From the author URL, they will know the username of your account. Next thing they need is password. The software will be used for guessing passwords.
This is called the Brute Force attack, one of the most famous WordPress hacking techniques.
For protecting your blog against the Brute Force attacks, you could password protect your WordPress admin directory or hide the WordPress admin directory. Hiding the login page is a simple method, you could protect your blog from unwanted users and attacks.
Plugin Method Or Coding?
We could do the task using the WPS Hide Login. It is one of the popular and widely used free security plugin for WordPress. There is no need for coding or editing existing files. We can hide the page without writing a single line of code!
What Is WPS Hide Login?
WPS Hide Login is a free security plugin created by WPServeur.
Right now, the plugin is used by more than 400,000 WordPress blogs and have an awesome rating!
The plugin is also a lightweight one which will not compromise your website’s speed.
How To Hide WordPress Login Page?
Thankfully, the free WordPress plugin called WPS Hide Login which will make this task easier for beginners. Let’s see how to hide the login page with the plugin.
First of all, log in to your WordPress blog and go to the add new plugins section. Then search for WPS Hide Login. Once you found the plugin, simply install it on your blog.
Once you got installed it, activate the plugin.
After installing the plugin, you could see the plugin’s settings under the WordPress general settings.
The first option will help us to set a custom login URL for the blog. They simply edit it with your new login URL.
Let me make it simple. Let’s say that you need the new WordPress login URL something like example.com/custom. In that scenario, make the changes like this:
Alright. Now, let’s move to the next section. The redirection URL will be the landing page when someone tries to access your wp-admin page via example.com/wp-admin.
Normally, most folks will leave it blank because it will be redirected to a 404 page. If you want, you could redirect all traffic to a custom landing page that you’ve created.
Ready to move on? Simply save the changes.
Then, WordPress will show you a reminder with the new login page.
You may want to consider bookmarking the page for easy access. From now on, when a user tries to access the login page via /wp-admin, they will be redirected to the URL we have added in the plugin settings.
For example, In our case, we have added a 404 URL. As a result, the user will be landed on a 404 page.
So for accessing the login page, you may want to enter our secret login URL. Probably it will be redirected to the WordPress login page.
Simple isn’t it?
Finally, we have successfully hidden our WordPress login URL and replaced with a new one. This method is highly recommended and also essential these days.
Have You Forgotten The Login URL?
There’s nothing to worry about. Take it easy.
When you forget the custom login URL, you will be locked out of the WordPress admin area. You won’t be able to login to your blog due to that. If you are in this situation, deactivating the plugin will bring the default login page.
Using cPanel’s file manager or an FTP client such as FileZilla, you will be able to do it. FTP is a simple way for it. All you need to do is, connect the FTP client to your WordPress blog. If you don’t have an FTP account, simply create one!
Go to the /wp-content/plugins/ directory,
Find the WPS Hide Login’s plugin folder,
Delete it from the blog.
Now, you can access the WordPress admin page by via example.com/wp-admin. Another best practice for securing the blog is, by password protecting the WordPress admin directory.
We hope you found this post helpful and enjoyed the read. If you did, please consider sharing this post with your friends and fellow bloggers on social media. For more related posts, you need to check out our blog section.
Don’t forget to pin this article.
And here are some useful WordPress resources and tutorials for you to read next: