One of the most common security failing and most attack on a WordPress website is a brute force attack. this kind of attack, a hacker tries to try is various permutations & combinations of usernames and passwords in order to get into your WordPress blog.
And especially when they all know the common administration URL access of the WordPress is “wp-admin”, many hacker can just easyly start with the brute force attacking. WordPress have so many free security plugins on the web which can help you prevent brute force attacks. One of a major step that you can take right now is by changing the WordPress admin URL. This way, No hackers will be able to find the link and this reduces the chances of being attacked, keep that in mind.
So what to do?
In our WordPress security series, I’ll introduce you two plugins to change your URL and how you can use . Guess you know that plugins are simply used to change the WordPress connection URL from a security standpoint, and some are to enhance the user experience. Now without further delay, let’s start learning some useful plugins to change the WP login URL.
1. WPS Hide Login Plugin
WPS Hide Login is the so easiest WordPress plugin to change the admin URL. to install this plugin You can go in your WordPress dashboard by going to plugins-> add-> by searching for “wps Hide Login” wps Hide Login Plugin.
After you’ve have installed and activated the plugin, click on Settings > General to configure the options. Scroll down and down, then you will see the option to configure the plugin “WPS Hide login”. Change the WP login URL you can put anything by changing “login” and it will be your new login URL. There is an example, in the screenshot below, is the new URL for WordPress admin connection.
Most are one person to manages their blog, you can use any kind of word that you’ll be able to remember or use something like “JDKFJSCFKD” and save this unique login URL in your bookmark browser. The idea is to make sure your login page is difficult to discover. This way you improve your WordPress login page security to a large extent. It doesn’t literally rename or edit files in the kernel, nor does it add rewrite rules. It simply intercepts page requests and works with any WordPress website.
If more you are looking to do than just harden your WordPress login page security, you should look for the solution below. This one helps with a better branding of your WordPress login and registration page by giving them a memorable page URL. Change wordpress login & Registration URL for better branding: There are a few plugins that allow you to rename your WordPress login, sign up, reset Password and logout URL. This is useful when you have a multi-author blog or use WordPress in a way where multiple users need to regularly register or log in.
And Here the most popular plugin is IThemes Security, but honestly it is not strongly recommended despite that this plugin offers much more than just customizing the URL of your WordPress inscription and login page.
2. Custom Login URL
Custom login URL is a plugin developed just to rename the URL of WordPress admin login pages, registration and other pages. This is another simple to use plugin. after you’ve have installed the plugin and activated, go to Settings > Permalinks to configure. Authentication permalinks You can rename the login URL, the registration URL, the forgotten password URL, the logout URL, and the authentication redirects. Authentication redirects are the URLs to which users will be rerouted after connection or logout.
Now for security standpoint, it’s relevant to change your WP-admin login URL to make it difficult for hackers to guess. This will enhance the security of your WordPress blog to a large extent. At the same time, if you run a multi-author blog or use it in a way where you and others need to interact regularly with the login and registration page, use the other plugins to change the URL. The second option is optional, but I highly recommend that you implement the first option (change your WP-admin URL) for improved security.