Do you want to hide the WordPress login page? Or don’t you know how to use the WPS Hide Login plugin? Keep reading this article!
WordPress is used by 75 million websites all around the world. It is one of the best, simple and powerful CMS in the world. Unfortunately, due to that fact, hackers will try gaining access to your blog to redirect the users to another website, spread malware, or anything they would like to do.
There are so many WordPress security hacks, and WordPress security plugins are available for protecting a blog. One famous and simple one is hiding the WordPress login page.
This post will show you how you can hide the WordPress login page for security! The beginner-friendly and straightforward tutorial for WordPress beginners!
By default, anyone with some knowledge can access the WordPress backend by typing /wp-admin/ at the URL’s end. This will bring them to the WordPress login page.
Some folks would use some bots for bypassing the login page. From the author URL, they will know the username of your account. The next thing they need is a password. The software will be used for guessing passwords.
This is called the Brute Force attack, one of the most famous WordPress hacking techniques.
For protecting your blog against the Brute Force attacks, you could password protect your WordPress admin directory or hide the WordPress admin directory. Hiding the login page is a simple method. You could save your blog from unwanted users and attacks.
Recommended Read: How To Schedule and Auto-Apply WooCommerce Coupon Codes?
We could do the task using the WPS Hide Login. It is a famous and widely used free security plugin for WordPress. There is no need for coding or editing existing files. We can hide the page without modifying any files!
WPS Hide Login is a free security plugin created by WPServeur.
Right now, the plugin is used by more than 400,000 WordPress blogs and has an excellent rating!
The plugin is also a lightweight one that will not compromise your website’s speed.
Thankfully, the free WordPress plugin called WPS Hide Login will make this task easier for beginners. Let’s see how to hide the login page with the plugin.
Total Time: 10 minutes
First of all, log in to your WordPress blog and add a new plugins section. Then search for WPS Hide Login. Once you find the plugin, simply install it on your blog.
Now, you will see the pluginâs settings under the WordPress general settings.
The first option will help us set a custom login URL for the blog. Then, they simply edit it with your new login URL.
Let me make it simple. Letâs say that you need the new WordPress login URL, something like example.com/custom. In that scenario, make the changes like this:
Alright. Now, letâs move to the next section. The redirection URL will be the landing page when someone tries to access your wp-admin page via example.com/wp-admin.
Usually, most folks will leave it blank because it will be redirected to a 404 page. However, if you want, you could redirect all traffic to a custom landing page youâve created.
Ready to move on? Simply save the changes.
Now, WordPress will show you a reminder with the new login page. You may want to consider bookmarking the page for easy access.
From now on, when a user tries to access the login page via /wp-admin, they will be redirected to the URL we have added in the plugin settings. For example, In our case, we have added a 404 URL. As a result, the user will be landed on a 404 page.
To access the login page, you may want to enter our secret login URL. Probably it will be redirected to the WordPress login page.
Thereâs nothing to worry about. Take it easy.
When you forget the custom login URL, you will be locked out of the WordPress admin area. You wonât be able to log in to your blog due to that. If you are in this situation, deactivating the plugin will bring the default login page.
Using cPanelâs file manager or an FTP client such as FileZilla, you will be able to do it. FTP is a simple way for it. All you need to do is, connect the FTP client to your WordPress blog. If you donât have an FTP account, simply create one!
Now, you can access the WordPress admin page via example.com/wp-admin.
Simple, isnât it?
Finally, we have successfully hidden our WordPress login URL and replaced it with a new one. This method is highly recommended and also essential these days.
There’s another plugin available called WP Hide & Security Enhancer in the WordPress plugin repository. If you are interested in more than just hiding your WordPress admin page, check out this plugin.
As usual, log in to your WordPress blog and add a new plugins section. From there, you can install the WP Hide & Security Enhancer plugin on your site.
Once you have installed the plugin, you will need to activate it.
From the plugin settings, you can change the admin URL.
Once you have saved the settings, you are good to go. One good thing about this plugin is, we will be able to reset all the plugin settings without accessing the pluginsâ files via FTP or something. Instead, you will see a custom link for resetting the current configuration on the pluginsâ settings page.
You need to save the link in a safe place. We recommend creating a text document and pasting the reset link inside it.
Hide My WP Ghost is a freemium WordPress security plugin. Like every freemium product, the free version plugin is available on the WordPress plugins repository. You will need to install it on your blog.
Activate it after installing.
You can see the pluginsâ settings on the left-hand side.
From there, choose the Change Paths option. From there, we will be able to modify the default WordPress paths. The first thing you need to do is, hide the WordPress admin page.
You can add a new custom login path for your WordPress admin from the login settings.
Save the new WP login path, and you are good to go. From now on, this would be your WordPress admin path.
If you need a complete premium plugin for changing the WordPress login path, check out Perfmatters.
Instead of hiding your WordPress admin folder, you will be able to password protect it using a straightforward method. It will help us to prevent unauthorized visits to our WP-admin page. Only your staff editors/ administrators can access the admin page using a unique username and password.
This section will show you how you can password protect the WordPress admin directory and add more protection.
The first thing you need to do is, go to thisÂ htpasswd generator.
By entering your username and password, you can create a .htpasswd file.
The system will generate a custom .htpasswd file for you.
Now, we need to add this code to our core. You can use an FTP client or any file manager plugin for accessing your website files. In our case, we will be using a plugin called File Manager for managing our files. Once you have installed and activated the plugin, go to the /wp-admin/ folder.
Create a new folder. You can call itÂ passwdÂ or anything you like. After creating the directory, open it and create a new .htpasswd file. Then, paste the code we generated using the .htpasswd file. If you cannot create a .htpasswd file through the plugin settings, you can create one manually using any code editors and upload it to the server.
Come back to the wp-admin folder and create a new .htaccess file there. Once you have completed a file, open it and paste the below code.
When you paste it, you will need to edit the path to your .htpasswd file and username.
Save the file. And once you have checked your WordPress admin page from a private window, you can see that we have protected it using a username and password!
Sometimes, you will get too many redirects issues after pasting the .htpasswd code. For fixing that issue, paste the below code to your .htaccess file.
Once you have password-protected your WordPress admin directory, the AJAX function won’t work in the frontend. Well, some of your Slider plugins/ contact form plugins will use the AJAX feature. For fixing it, you need to copy the below code, open the /wp-admin/ folder, paste it on your .htaccess file.
Keep in mind that we will be pasting this code to the wp-admin .htaccess file. Not the default .htaccess file.
Some WordPress hosting companies like Kinsta got this feature by default. So when you are hosting your site on Kinsta and need to password protect your WordPress admin folder, you can do it from your account dashboard. No need to rely on any extra tools.
NOTE: There are some premium services available for securing your WordPress site. If you are into security and protection, check out Sucuri, Wordfence, iThemes security, etc. These plugins got so many options for securing your WordPress installation.
This is how you can protect or hide the WordPress login page for better security. As you can see above, with a plugin like WPS Hide Login, we will be able to completely conceal our admin page from the outer world. No coding, no editing files, or anything. A complete beginner-friendly method.
Just hiding the WordPress admin page is not good enough for protecting your site. In that case, you need to make sure that you are using a security plugin, doing regular updates, taking complete website backups, using a secure web hosting company, and a CDN (Content Delivery Network).
In our case, we highly recommend Sucuri as your security solution. This is because it comes with many features like free CDN and WAF (Web Application Firewall).
Some of the frequently asked questions regarding hiding the WordPress admin directory and basic WordPress security are:
WordPress is a popular CMS, and most hackers are targeting it these days. To protecting your work, we recommend hiding your WordPress admin page or password protecting it.
You can hide your WordPress login page using any free plugins we mentioned in this article.
You will need to be in a secured hosting environment. Also, consider using a dedicated security plugin like Sucuri or iThemes security.
We hope you found this post helpful and enjoyed the read. Please consider sharing this post with your friends and fellow bloggers on social media if you did. For more blogging-related posts, you need to check out our blog section. For more WordPress tutorials, theme reviews, and plugin reviews, check out our WordPress archives.
Did you find the article useful?
Then pin me to your Pinterest Board, so that more people will find me
(Remember: The more you give to the Universe, the more you will get from the Universe)So, Pin me