Wondering how to change your WordPress login URL? If yes, then you’ve come to the right place. Because in this article, we’re discussing the easy ways to change the default login page URL of the WordPress site.
Among the various security measures for WordPress, one of the most important measures is WordPress login page URL change because of its easy access. When you change the wp-admin URL of the WordPress site, you add an extra layer of security to your site.
So, make sure you go through this article till the end to find the best solution to change the default login page of the WordPress site.
Why Change Your WordPress Login URL?
WordPress is the best content management system (CMS) for everyone who wants to go live on the internet with their site. It’s loved and adored by users as it’s beginner-friendly and allows you to build your website with no hassle.
However, it has disadvantages in terms of security.
The default login page URL of every WordPress site is either yourwebsite.com/wp-admin or yourwebsite.com/wp-login. And these URL is known to everyone, including hackers, bots, and other attackers. Hence, when they’ve access to the login page, it’s easy to get into your site for them because all they require is your password.
And talking about the password, most of the site uses a weak password. So, considering this, attackers have a high chance of getting into your site through the default login page.
Thus, when you change your WordPress login URL to a custom URL, it becomes difficult for hackers to find the route to your login page; this eventually improves your WordPress site’s security.
Besides, you can also provide a better user experience with the custom login page. You can rename the WordPress login page as per your site’s theme or brand.
With that said, let’s explore how to find the login URL.
How to Find WordPress Login URL?
Before discussing the steps to perform WordPress login page URL change, you must first know how to find the WordPress login URL.
As we’ve talked about in the above section, the default WordPress login page is found by adding /wp-admin/ or /admin at the end of your site’s domain name. For example, if your domain name is www.abcd.com, your login page URL would be www.abcd.com/admin or www.abcd.com/wp-admin.
Another method for finding your WordPress site login page is by adding /wp-login.php at the end of your site’s domain name. For example, if your site’s domain name is www.xyx.com, the login page URL is www.xyx.com/wp-login.php.
This method works for the majority of the sites. Thus, anyone can access your login page URL using these methods. And, that’s why we recommend changing your WordPress login URL.
So, use the methods mentioned below to change your WordPress wp-admin URL or disable WordPress wp-login.php.
Methods to Change Your WordPress Login URL
When it comes to adding the functionality or modifying the existing functions of the WordPress site, WordPress plugins come in handy. And even in this case of hiding the default WordPress login URL to a custom URL, using the plugin is the best bet.
Although the plugins don’t guarantee complete security against hackers, they provide an extra security layer to your WordPress site. Some of the plugins you can use to change your WordPress login URL are User Registration, WPS Hide Login, iThemes Security, etc.
1. Using a WordPress Plugin (User Registration)
Among various WordPress plugins used to change the wp-admin URL to something else, we’ve chosen User Registration. It’s the best and the most user-friendly plugin for beginners to experts. You can use the User Registration login page effortlessly and rename the login page on your WordPress site.
Besides, it comes with a My Account and Registration page with a built-in form for registering users. That’s why we can say that the plugin is easy to use.
Step 1: Install and Activate User Registration
First of all, you’ve to install the plugin on your WordPress site. So, to do this, log in to your WordPress dashboard and go to Plugins >> Add New.
From here, go to the search bar and search for the User Registration. When the plugin appears in your search results, click the Install Now button.
Immediately when you see the Activate button, hit the button to activate the plugin on your site.
To allow users to register on your WordPress site, you should turn on the Membership option. To perform this, navigate to the Settings >> General Settings on the dashboard and check on Anyone can register. Now, hit on the Save Changes button at the end.
If you don’t want users to register from the frontend form, you can uncheck.
Step 2: Install User Registration Pages
As you’ve now completed the activation, a new notice appears at the top, providing you with the option of Install User Registration Pages. It has a built-in My Account page and Registration page, as we mentioned above.
Hit the button, and you’ll have those pages on your WordPress site.
Step 3: Create a Login Page for Your Site and Customize It
Since we’ve been talking about the sample page of the User Registration, you don’t need to create a new login page if you’re willing to use the sample pages. Simply use the My Account page through which logged-out users can fill the form to log in.
Meanwhile, we’re also showing you the steps for creating a new login page using the User Registration from scratch.
So, go to the Pages >> Add New to create a new page with Gutenberg block editor in your WordPress dashboard.
You’ll now require to give a title to the page, we’ve provided a title – Sign into your account.
Next, click on the [+] icon to add the User Registration block.
Now, search for the User Registration block using the search bar.
The User Registration block has two options: Registration Form and Login Form. Select the Login Form from the block to build a login page. Also, using the drop-down, select the My Account Shortcode.
It will add the login form to your page. Meanwhile, if you’d chosen the Login Shortcode, it would display the login form but not the account for the user profile when the user logs in. In addition, you’d require redirecting them to the user’s custom profile page.
Once you’re done, publish the page by hitting the Publish button at the top-right corner. Also, you can preview the page by clicking on the Preview button.
Now, go to the User Registration >> Settings and scroll down until you reach the My Account Section. Then, select the new login page you just created using the drop-down menu on My Account. Again, don’t forget to save the changes.
And, if you’re curious to see how your page looks from the front end, navigate to the Pages >> All Pages. Next, hover on the page you created and click on the view.
You’ll see the new login page with the user profile of the admin. It’s because you’ve been logged in as an admin of your site. For those who haven’t logged in the page might look like this:
Meanwhile, this page is accessed using the manual URL or adding the page to your site’s menu. To edit the URL, you can simply open the page and go to the setting of the page at the top-right corner. Now, scroll below to find URL Slug. From here, you can edit the URL of the page.
Update the page after you finish the task.
Step 4: Configure Login Options Setting
At this point, you’ll now require configuring the settings through User Registrations >> Settings.
The General Options lets you define who can’t access the dashboard, provides the option to hide/show passwords, and so on. Also, the settings for the My Account page and ENDPOINT SECTION are available.
The Login Options lets you perform settings like enabling login title, ajax login, remember me, lost password, and so on. From here, you can also edit the labels for your login form’s fields, use the placeholders in the fields, and edit messages for the fields.
Next, Frontend Messages lets you customize the messages for the fields.
All of these are the general settings for your User Registration login form.
Step 5: Replace Default Login Page with Newly Created Login Page
From the User Registration >> Settings, click on the Login Options under the General settings tab to change the wp-admin URL of the WordPress site by replacing the default login page.
Scroll down until you see Prevent Core Login. Since we’ve created a login page with the title “Sign into your Account,” enable the option to replace the default login page with the newly created page.
Now, as you enable the option, a new row appears as Redirect to Login Page. Using the drop-down menu, select the page you just created into which you want to redirect the default login page.
Save the changes made.
Now, whenever you visit the core login page of your site, you’ll be redirected to the new login page that you just made. The default login page will be displayed as below, with a new login page URL.
Step 6: Strengthen Your WordPress Login Security
Since the entire process to change your WordPress login page URL is purely to provide more security to your WordPress site, let’s work on it.
User Registration supports Google reCaptcha. It’s a free security service from Google that assists in protecting the sites from abuse and spam. It blocks the automated software and bots from accessing your sites while humans can enter without any difficulty.
Register your site with Google’s overview page to add the google reCaptcha to your login form. From here, you can generate the Site Key and Secret Key.
Now, visit your WordPress dashboard and navigate to User Registration >> Settings >> Integrations. Next, choose the reCaptcha type for your site.
There are two types of reCaptcha: reCaptcha v2 and reCaptcha v3.
- reCaptcha v2: It tracks users’ actions and identifies the bots.
- reCaptcha v3: It returns a score ranging from 0.0 to 0.1 for each request. The score helps to pass the valid requests.
Enter your Site Key and Secret Key after selecting the reCaptcha version.
Now go to the General >> Login Options, and as you scroll down on the interface, you’ll see the option Enable google reCaptcha. Enable the option and save the settings.
2. Hide the Default Login and Use a Custom Login URL
People mostly hide their wp-admin or wp login.php page to outsmart bots and hackers to prevent attacks. When everybody is getting smarter, we can’t say that nobody can guess your password and attempt to log in.
And when there is a probability of somebody guessing your username and password, it’s better to prevent them from accessing your login page.
As the default login page URL is known to all, another method for hiding the default URL is creating a custom login URL. And for creating the custom login, you can use some security plugins like WPS Hide Login and iThemes Security.
So, let’s discuss them in brief.
WPS Hide Login is a lightweight plugin that allows you to change the default wp-admin URL of the WordPress site to any custom URL. The plugin doesn’t change any of the core files or add new rules; it’s only responsible for intercepting the page requests.
Having said that, when you use the plugin, the wp-admin page and the wp-login.php page of your site become inaccessible. That’s why you should either bookmark the new login URL or remember it. At the same time, the default login page is accessible as soon as you deactivate the plugin.
Key Features of WPS Hide Login:
- Compatible with WordPress version 4.1 or higher
- Compatible with any plugins that hook in the login form
- Works with subdomains, subfolders, and multisite
- Translated into 30 locales
Hide Default Login Using WPS Hide Login
To change the default login URL, start visiting your WordPress dashboard and navigating to Plugins >> Add New. From here, search for the WPS Hide Login using the search bar. Now, Install and Activate the plugin.
After you successfully activate the plugin, you’ll see the plugin under the Settings. Next, to customize the login page URL, click on the Settings >>WPS Hide Login.
Scroll down until you see WPS Hide Login. Here, you’ll see two options as Login url and Redirection url. On the Login URL field, you can enter the path for your login page. For example, you can add “mylogin.” Thus, your new login URL will be www.yourdomain.com/mylogin/.
If you want to redirect your users to the custom URL when you change your login URL, you can add the Redirection URL. Meanwhile, add the redirection URL as a 404 page to stop others from accessing your login page.
As soon as you change the settings, a new message appears at the top, reminding you to bookmark the custom login URL.
So, bookmark the page and sign out of the WordPress dashboard to check the changes. Now, if you’re redirected to the 404 page when you enter the default login page URL, you’ll see the message like this:
Hence, you’ve successfully changed your WordPress site’s default login page URL and created a custom URL that nobody knows except for you. Now, you can visit your WordPress login page with a new URL as below:
ii. iThemes Security
iThemes Security is another security plugin that lets you disable wp login php and add a custom URL for your login page. You can secure your WordPress site in under 10 minutes by enabling the proper security settings using the plugin. Meanwhile, the plugin also provides security for the eCommerce sites.
You can add two-factor authentication to your WordPress site, where the authentication methods include mobile apps, email, and backup codes. Similarly, you can create and apply a password policy, add reCaptcha, and identify the trusted devices using the plugin.
In addition, it also allows you to monitor the site’s security through file change detection, site scanner, user logging, and so on.
Key Features of iThemes Security:
- Creates database backups of your site
- Enforce SSL
- Network brute force protection
- Version management allows to auto-update WordPress, themes, and plugins
Wrapping it Up!
When you go live on the internet, you should always be aware of the path through which unauthorized people can get into your site. And for the WordPress site, the login page URL is one of the easiest ways for hackers and spammers to get in.
But, as we discussed, there are ways to get protection against the attacks. Hence, protect your site using the methods mentioned above.
On top of that, these methods are easy and take only a few minutes of your time. If you’re willing to change your WordPress login page URL, you should definitely try the User Registration plugin. It’s simple to use and offers immediate results.
So, that’s all for now. Write to us in the comment section if you’re confused about any of the above details. Also, you can read more about adding a contact form for your site.