Continuing with our WordPress security theme, in this guide we’ll find out how we can further prevent unauthorized login attempts by hiding the default WordPress login URL. This introduces a big obstacle to attackers who by default target wp-login.php or wp-admin/, you can’t attack what’s not there, right? How are we going to do that? You guessed it, there’s a plugin for it.
WPS Hide Login
WPS Hide Login will help us accomplish today’s task. It’s extremely easy to set up requiring next to no configuration. After you install and activate it navigate to Settings > WPS Hide Login.
You will be presented with this simple configuration screen. Just fill in the new login URL and the redirect URL which will be the one anyone trying to access the login page will see. Click the Save Changes button below and you are done! Just make sure to bookmark the new login URL because if you forget it you won’t be able to login. Reverting to the original login URLs is as easy as deactivating the plugin.
Your default login URLs are now hidden and your site is further protected against brute force attacks. Hopefully you found this guide useful. Have you got any ideas on topics you’d like to see discussed on our blog? Let us know in the comments below.