📒 

One effective way to protect your WordPress site from unauthorized access and brute force attacks is by changing the default login URL. The default WordPress admin login URL is yoursite.com/wp-admin or yoursite.com/wp-login.php, which hackers often target. By using the WPS Hide Login plugin, you can change this URL to something less predictable, improving your site’s security.

Here’s a step-by-step guide on how to use WPS Hide Login to protect your WordPress admin page.

Step 1: Install the WPS Hide Login Plugin

  1. Log into your WordPress dashboard.
  2. Navigate to Plugins > Add New.
  3. In the search bar, type WPS Hide Login.
  4. Click Install Now next to the WPS Hide Login plugin.
  5. Once the installation is complete, click Activate.

Step 2: Configure the WPS Hide Login Plugin

After activating the plugin, you need to configure it to change the default login URL.

  1. In your WordPress dashboard, go to Settings > General.
  2. Scroll down to the bottom of the General Settings page. You’ll see a section for WPS Hide Login.
  3. In the Login URL field, enter the new custom URL you want to use for your WordPress admin page. For example, you could set it to yoursite.com/mylogin or something more unique like yoursite.com/private-access.
    • Make sure to choose a unique and hard-to-guess URL to enhance security.
  4. In the Redirection URL field, enter the page where visitors will be redirected if they try to access the default login page (wp-login.php or wp-admin). You can redirect them to your homepage, a 404 page, or any other page on your site.
    • Example: yoursite.com/404 or yoursite.com.
  5. Click Save Changes.

Step 3: Log in Using Your New Login URL

After saving the changes, your default login URL (yoursite.com/wp-admin or yoursite.com/wp-login.php) will no longer work. Anyone trying to access these URLs will be redirected to the page you set in the Redirection URL field.

  1. To log into your site, go to the new custom login URL you specified (e.g., yoursite.com/mylogin).
  2. Enter your WordPress credentials to access your dashboard.

Step 4: Bookmark the New Login URL

Make sure to bookmark your new login URL, as the default login URL will no longer work. If you forget your custom login URL, you will need to access your site via FTP or hosting control panel to disable the WPS Hide Login plugin.

Step 5: Test the Redirection

It’s important to test whether the old login URLs are properly redirecting to the page you specified:

  1. Try accessing yoursite.com/wp-admin or yoursite.com/wp-login.php.
  2. You should be redirected to the page you set in the Redirection URL field.

Step 6: Optional: Secure Further with Other Plugins

While WPS Hide Login significantly enhances security by changing the default login URL, you can combine it with other security measures for even greater protection:

  • Limit Login Attempts Reloaded: This plugin limits the number of login attempts to prevent brute force attacks.
  • Wordfence Security: Provides a firewall, malware scanner, and other advanced security features.
  • Sucuri Security: Offers malware scanning and activity monitoring for added protection.

How to Disable WPS Hide Login If You Forget Your New URL

If you forget your custom login URL and can’t access the WordPress dashboard, you can disable the plugin via FTP or your hosting control panel.

  1. Log in to your website’s hosting control panel or access your site via FTP.
  2. Navigate to the /wp-content/plugins/ directory.
  3. Rename the folder wps-hide-login to something like wps-hide-login-disabled.
  4. This will deactivate the plugin, and you’ll be able to log in again using the default URL (yoursite.com/wp-admin).
  5. After logging in, rename the folder back to wps-hide-login to reactivate the plugin.

Conclusion

Using WPS Hide Login to change your WordPress admin login URL is an easy and effective way to protect your site from unauthorized access and brute force attacks. By following the steps above, you can quickly enhance your website’s security and keep malicious users away from the default login page. Just remember to bookmark your new login URL and combine this with other security measures for the best protection.