Submit a enquiry

    Back to all posts

    WordPress security – change your admin URL

    by Kishan Kotecha Partnership Manager

    As the most popular content management system on the web, WordPress is a prime target for hackers and malicious actors. One crucial step in fortifying your WordPress site against potential threats is changing the default admin URL. In this blog post, we’ll delve into why this simple yet effective measure is essential for safeguarding your website.

    Why Change Your WordPress Admin URL?

    By default, WordPress assigns the admin login URL to “/wp-admin” or “/wp-login.php.” While this convenience may seem harmless, it presents a vulnerability for attackers. Hackers often target these default login URLs, attempting brute force attacks or exploiting known vulnerabilities to gain unauthorized access to your site.

    Changing your admin URL adds an extra layer of security by obscuring the login page’s location. This simple tweak can thwart many automated attacks and significantly reduce the risk of unauthorized access to your WordPress dashboard.

    How to Change Your Admin URL

    Changing your WordPress admin URL is a straightforward process. You can achieve this by adding a custom function to your theme’s functions.php file or using a dedicated security plugin like WPS Hide Login. Below is a code example demonstrating how to change the admin URL using a custom function:

    function custom_admin_url() {
        $new_admin_url = 'new-admin-url'; // Replace with your desired admin URL
        $current_url = $_SERVER['REQUEST_URI'];
        // Check if the current URL contains 'wp-admin'
        if (strpos($current_url, 'wp-admin') !== false) {
            // Redirect to the new admin URL
    add_action('init', 'custom_admin_url');

    Introducing WPS Hide Login Plugin

    While the manual method described above is effective, using a dedicated plugin simplifies the process and provides additional features. WPS Hide Login is a popular plugin designed specifically for changing the WordPress login URL. Here’s why we recommend it:

    • User-Friendly Interface: WPS Hide Login offers a user-friendly interface, making it easy for WordPress users of all levels to change their admin URL without any coding knowledge.
    • Advanced Security Features: In addition to changing the login URL, WPS Hide Login includes features like IP-based restrictions and the ability to redirect users to a specific page after login, further enhancing your site’s security.
    • Regular Updates: The plugin is actively maintained and updated to ensure compatibility with the latest versions of WordPress, guaranteeing ongoing protection for your website.

    By installing and configuring the WPS Hide Login plugin, you can effortlessly change your WordPress admin URL and bolster your site’s defences against potential threats.