Changing a WordPress login URL might not sound vital for many WordPress site owners. But, they might not be aware of the consequences of it. Hackers can immediately identify if your website is WordPress-powered or not. The page’s source and things like /wp-content, themes/styles.css or /wp-content/plugins/…., etc can help a hacker identify a WordPress-powered website. All this information is enough for a hacker to identify your login URL which is /wp-login.php.
The amount of information makes the hacker reach halfway. Now the hacker uses brute force and tries to guess the password. Continuous efforts and possible combinations might also lead to the correct password and open up the credentials and crucial information of the website. Then the procedure is followed by damaging the database of the website, installing backdoors, injecting malicious codes and scripts to defame a website. Hence, it is extremely important to change the URL of a website and keep your WordPress-powered website safe and secure.
Instructions to Change WordPress Login URL
- Complete Backup
Backup is one of the most vital things for a website. Any changes done to a website without a backup might make you lose your original data forever. This means the hard work of years is immediately lost and there won’t be any way to recover it. Therefore, backup of data isn’t just limited to backup of the database, it also includes backup of other essential things. The website and its data should have a backup in such situations. After the backup is done store it in a safe location.
- Install and Activate Better WordPress Security Plugin
Better WP Security Plugin is accounted as one of the best plugins for complete security and hiding login URLs. The plugin provides you with more than 30 ways to keep your WordPress site safe and secured. The plugin has two-factor authentication for enhanced security. The authentication code is either mailed to you or can also be gained with the help of Google Authenticator. The plugin automatically updates the salts and WordPress keys. The plugin also has various other security features such as:
- Malware Scan Scheduling
- Password Security
- Password Expiration
- User Action Logging
- Online File Comparison
- Setup the Better WordPress Security Plugin
After the completion of the setup of the Better WordPress Security Plugin follow the steps mentioned below:
- In the plugins, the section opens the wp-admin option page.
- Make the selection of your backup. Permit the plugin to change your WordPress core files. (Read the cautions before performing this step). Then one can select the option of securing the site from basic attacks provided there.
- Then click on the “Hide” tab. One should have a check at the box labeled “Enabled Hide Backend”. Then enter the desired login, register, and admin slugs. One can also leave them at plugin’s defaults of “login”, “register”, and “admin”. After completing the procedure click on “Save changes”.
- After all the changes do not forget the changed URLs. It might take time to get adapted to the changes made. One can either note it down somewhere or can use the auto-login tool like ManageWP.
- Add your website on ManageWP Dashboard
If you have a changed login URL and you use ManageWP for your website then follow the steps mentioned below:
- Login to the ManageWP Dashboard.
- In the left navigation menu, click on the changed login URL site.
- Select “Options”.
- Change the “Website Admin URL” option from …/wp-admin/ to whatever you feel suitable.
- Click on “Save Changes”. Then a green “Options Updated” message appears on the screen after which the window is auto-closed.
- Click on the website and then click on the “Site Admin” option to check if the ManageWP can auto-login with the new URL.
- If you can log in through ManageWP Dashboard then the procedure is completed.
Conclusion
The following write-up indicates the importance of changing your WordPress Login URL. This helps to keep the hackers at bay and keep the website protected. Along with lowering the chances of being hacked the use of the Better WordPress Security Plugin enhances the security of the website.