One of the quickest ways to make your WordPress website more secure is to change the “login” and “admin” pages. WP powers tens of millions of websites across the world, and they all have the same default login page: “wp-admin” and “wp-login.php” which looks like yourwebsite.com/wp-login.php. So hackers will visit your website and see if you’re using WP with that simple step. If you are, then that gives them some ideas of what to do to break into your site.
Even worse, they’ll build computer programs that do all of this for them, so they can check thousands of websites for vulnerabilities without having to do anything themselves. So, let’s learn how to change your login page today.
First, login to the admin area of your website.
Next, click Plugins -> Add New -> Enter in search: “WPS Hide Login”
Once you click that “Install Now” button, the “Install Now” will change to activate. Click “Activate”
Once activated, in the admin sidebar, click “Settings” -> “General” then scroll to the bottom and find the “WPS Hide Login” section. Enter in the login address you’d like to visit and hit “Save Changes”. I made a weird one that very few bots would be able to guess (Unless they read my blog post!): “qqq” If you want, make a redirection page where you want to send people if they attempt to visit the login page. I just left the default 404.
Now log out, log back in, and give it a try! I also tried viewing my old wp-admin and wp-login.php pages and you can see that only my qqq page works now. (I got all 3 links in one page because I’m lazy.) Check em out:
It’s SUPER easy to change your login page using a plugin, so I highly recommend it. Much better than getting hacked. We’ll be covering more WordPress tutorials, and WordPress security tutorials in the future, so be sure to signup for our newsletter to keep improving your site and growing your business!