If you should read this post, you are probably running a website with WordPress. And if I tell you now that the default login URL of WordPress is /wp-login.php , you might think: “So what? Who cares?”. But have you ever thought about the disadvantages of a standard URL?
Here are three reasons why you should think about it:
1. Only some technical understanding is enough to recognize that you are using WordPress. For hackers, it is quite easy to find out whether a particular website is a WordPress website or not. Just take a look at the source code and paths like /wp-content let you know that WordPress is used. As soon as someone knows that your website is a WP page, he also knows the login URL, because it is always the same with WordPress: yourdomain.de/wp-login.php.
2. Now I know your login-URL. Maybe you still use the default username Admin. Now every hacker has it easier if he tries to hack into your site. Because now only the correct password is missing.
3. Now Mr. or Mrs. Hacker can try to log into your website. Even if you don’t use the default username, it’s not too difficult to find out your login data with the right means. There are certain tools that send different combinations in short intervals until the correct data is found. If you have not taken precautions, it is only a matter of time before someone actually tries to get into your system.
This all sounds rather cruel – doesn’t it? I don’t want to spread fear now, please don’t take it amiss. And one thing is for sure, not every website is interesting for hackers. However, anyone who wants to handle his data and the data of his visitors or even customers responsibly should think about the security of his WordPress site. We have already collected some really easy to implement tips in our article on WordPress security. This article, however, will deal with changing the login URL.
How do I change the WordPress login URL?
WPS Hide Login is free and a quite slim plugin. It does exactly what it should. It changes the two URLs wp-login.php and wp-admin – and no more. No more frills.
I have already tested the plugin for you and it works great. Other users seem to be satisfied with the plugin as well, because over 100.000 active installations, with a rating of 4,5 stars, speak for themselves.
WPS login is super easy to configure. First you install and activate the plugin. If you are still a new WordPress user, you can read in the following article how the plugin works: Install plugin with WordPress – how does it actually work?
If the plugin is activated, we click on Settings to rename the URL. You will then be redirected to the settings.
The new URL is entered in the red marked field. Make sure you remember the new URL to be able to log in to WordPress later. The best thing is to write down the new URL before you save the change.
After saving, the /wp-login.php URL is useless and your website is a bit more secure.