How to Change The Login URL on WordPress

As a measure to improve website security, one of the steps you could take would be to change the login URL so you can avoid spam login attempts and prevent potential hacks.

If you are using a WordPress website, the default login URL is which is not ideal as it’s easily identifiable.

In this article, we will take you through the steps to change the login URL and create a custom one on WordPress. We’ll also discuss why adding a custom URL will improve the browsing experience for your visitors.

Importance of changing the login URL

Over 40% of websites run on the most popular CMS platform, WordPress. Due to its popularity, hackers frequently attempt to access your dashboard using methods like brute force attacks.

There are mainly two ways to login to a WordPress website and they are the standard login URLs, i.e. “/wp-admin/” or “/wp-login/.” You would probably agree that the high security risk is caused by the fact that these URLs are fairly obvious and simple to remember. 

Although WordPress does not offer the option to customize the Login URL, you can use the process described in this article to do so for your website.

You can increase the security of your website and make it more challenging for hackers to access it by changing the URL of the WordPress login page.

Here’s why you should consider changing the login URL on WordPress:

Prevent Any Form of Brute Force Attacks

Brute force attacks are a type of cyber-attack in which hackers use software to enter different combinations of spinning characters to discover your website’s password.

Setting up a distinct login URL makes life more difficult for hackers, prevents unwanted clutter on your website and improves the overall security of your website.

Speed Up Your Website

Closely related to the previous point about brute force attacks, changing the login URL can prevent unnecessary use of server resources as you will now be eliminating these attacks. This will result in an improvement in page speed.

How to change the login URL on WordPress?

If your website is built on WordPress, one of the easiest ways to change the login URL is by using a plugin. Below are some of the plugins you can use:

Change the login URL with WPS Hide Login

This is a popular plugin to change login URL on WordPress with over 1M active downloads. It’s a lightweight plugin, has great reviews, and the developer often updates it. Once you’ve downloaded and activated the plugin:

Go to Settings > General in your WordPress dashboard.

Scroll right to the bottom until you see a section called WPS Hide Login which should look something like this,

Change the login URL with WPS Hide Login

You can configure a new login page URL by typing it after your website’s domain name. In the Redirection URL field, enter the URL path you want to redirect people to who attempt to log in to the website.

Change the login URL with iThemes Security

iThemes Security is another great plugin that helps add another level of security to your WordPress website. To change the login URL with iThemes Security, download and activate the plugin and go to Security > Advanced > Hide Backend

Change login URL with iThemes

You will then be directed to a pop-up where you’ll be able to change the login URL as you wish. Once done, click “Save Settings” and you’re good to go. 

Change the login URL with All-In-One Security (AIOS)

This is another popular plugin that provides a comprehensive security solution across different domains. One of them is the ability to change the login URL. Simply download and activate the plugin, click on WP Security > Brute Force in your WordPress dashboard.

Change login URL with All in One Security

You will see a tab named “Rename Login Page

Change login URL with AIOS

Check the “Enable Rename Login Page Feature” checkbox and then enter a new login page URL then click “Save Settings”.

Few important points to note

First, once you activate this plugin, you can’t access the admin panel using the default login URLs. WPS Hide Login defaults to /login. This happens immediately after activation, before you customize the default login URL. Therefore it’s important that you take note of the new login URL (maybe use a password manager) else you will not be able to login to the website.

Afterall, you’re trying to make your team/clients’ lives easier and hackers’ lives harder. Don’t lock yourself out of your site.

Second, if you deactivate the plugin, your site will use wp-admin and wp-login.php again. 

Finally, you could also choose to change the login URL without a plugin (the hard code method) though it’s not highly recommended. However, if you feel comfortable going down this route, you are more than welcome to do it.

Also Read

5 Ways You Can Incorporate Trust Factors Into Your Website

When it comes to running a successful online business, trust is one of the most important factors to consider. Customers are more likely to purchase products or services from a website that they trust. Therefore, it’s essential to incorporate trust factors into your website. In this article, we will discuss five ways to incorporate trust

Read More

How to Create a Compelling Offer To Local Businesses

As an owner of a local marketing agency, knowing how to create a compelling offer is essential to attracting clients. To grab the attention of your prospects, you need to create an irresistible offer that cannot say no to! So how do you create an offer that stands out from the competition and motivates potential

Read More