It is always better to change WordPress login URL to be protected from brute force attacks.
Talking about the brute force attacks, the attacker opens your login page and uses software to try hundreds of thousands of username:password combinations on your site.
In order to try to get your password with brute force attacks, attackers need your login page, but when you change the login URL, your website will become utterly secure from the brute force attack.
You can change your Login URL in two different ways.
- With a Plugin
- By manually renaming the login-page
Below we have shared both the ways. With the help of WPS Hide Login plugin, you can change the login URL of the website in just a few clicks.
The manual way is more complicated; you also need to have your C panel access. It is not possible to change the login URL in a manual mode if your website is hosted on managed WordPress hosting.
How To Change WordPress Login URL With a Plugin?
Several plugins help you to change the login URL of your WordPress Website. We have used WPS Hide Login on a lot of websites as it’s free to use and stable.
Here we are going to share complete step-by-step instructions on how you can change the default login URL of your website.
Step 1: Install WPS Hide Login
To install WPS Hide Login plugin, go to Dashboard >> Plugins >> Add New >> Search for the plugin >> Click on Install & then Activate it.
Step 2: Go to Setting Page
Once you have done with the installation, go to Settings >> General.
Scroll down the page; You will get an option to change the login URL, as shown in the below image.
Type Word or Set of number which you want to set up as your new login URL & click on save.
You have successfully changed the login URL of your WordPress website, WPS Hide Login is not the only plugin that helps you to change the login URL of WordPress Website.
Below are two alternative plugins to change WordPress login URL:
- Change WP-admin login – Change wp-admin login is another best free WordPress plugin that allows you to change the login URL in the same way as WPS Hide Login.
- LoginPress By WPBrigade – Not just limited to login URL this free plugin allows you to customize the login page fully. You can add a background image, change the WordPress login, customize the login button & hide the login page. It also allows you to set max-login attempt limits.
How To Change WordPress Login URL Manually?
The first step is to make sure that you have a code editor so it becomes easy to read through the content of the file. Without a code editor, all you will see is a jumbled up piece of code.
Now, to change WordPress login URL using this method, you need direct access to the files on the server. This could be done with requesting FTP access for the server, or if you’re on a shared hosting, you can directly log into the hosting.
Since a majority of the users use shared hosting, I’ll walk you through the steps using shared hosting. For users on Dedicated hosting or cloud hosting, the only part that’s different is how you gain access to the files.
In this process, we are going to make changes in the wp-login.php file that handles the login page & all the login requests.
- Log in to your hosting account & go to file manager
- Enter the public_html folder and download the wp-login.php file.
- Now locate & open the downloaded file in any code editor so it’s easier to read the file.
- Once you open the wp-login.php file in the code editor, do a Ctrl+F and search for “wp-login”
- Now find the replace the “wp-login” with the preferred word, which you want to set up as the new login URL, for example, “wp-login” become “wp-design-login”
- Now upload the file, and rename it to the new login URL that you set in the wp-login.php file. In our case, it’s “wp-design-login” so our file will be renamed to wp-design-login.php.
Great! That’s all it takes to change the WordPress login URL manually. Now, you can access your WordPress Admin Dashboard with the new PHP file, that nobody knows except you. Don’t forget to remove the wp-login.php file.
Which is Better – Manual or Plugin?
- Plugins are easy to use and don’t require any manual changes, not everyone is comfortable with the code.
- If you use the manual way, every time WordPress updates, the wp-login.php file will be restored. And it’s very common that you will forget to remove it.
According to my experience with WordPress, it’s better to use Plugin in this case because it’s safe and doesn’t add any extra overhead to the end user experience. Just install, set the options and you are good to go.
That’s how you can easily change the WordPress login URL and make it more secure to protect it from brute force attacks. We have shared both the methods, but we recommend you go with the plugin method as it’s more convenient.
We encourage the use of a plugin for most users is to avoid the risk of typing the wrong URL in the file and blocking yourself out of your website.
We hope this article on how to change WordPress login URL is helpful for you.