• WP Themes
    • Free Themes
      • Oswald Lite WP Theme
      • MariGold WP Theme
    • Premium Themes
      • Oswald WP Theme
  • WP Tuts
  • WP Reviews
  • WP Hosting
  • Freebies
  • Book a Review
  • Contacts
Home/How to Hide Your WordPress Login Page From Hackers + Readymade Solutions
2 shares
How to Hide Your WordPress Login Page From Hackers + Readymade Solutions
September 29, 2017 | Tutorials | 0 comments

How to Hide Your WordPress Login Page From Hackers + Readymade Solutions

Every WordPress website sooner or later becomes the subject of malicious login attempts. If you read a codex, you’ve probably found the brute force attacks article devoted to hacker attacks, and find some key tips on how to protect your website.

Except for this, there are some other widespread ways to protect your website’s admin area, and they include:

  • any protecting module or a good security plugin;
  • captcha or reCaptcha verification;
  • limiting login attempts;
  • unique usernames and complicated passwords;
    etc.

A good strategy of protecting the login page from the brute force is to hide the login page from hackers. This strategy is good for you only if your site login attempts are limited to admins, authors, editors, and contributors. However, if you run a membership website where it allows user login, hiding the login page is not your variant.

So how to hide your login page from hackers? There are a few steps:

1. Install WordPress in a unique directory

You can install a new WordPress in any subfolder of your server. After that, you can run your WordPress from a subdirectory no matter you’re dealing with a new WP installation or an existing website.

Of course, if you are moving the existing WP installation to the subdirectory, you should create a complete backup of your website in advance. Please read the detailed tutorial on how to create a backup here.

When you’re using a unique directory for WordPress, don’t create any predictable and easy-to-guess names for your folder. You can use anything like http://example.com/mycoolwebsite or http://example.com/hellothere or anything else like http://example.com/ghgjgf and this will be tough to predict. Just be sure you will remember the name of the directory or note it down somewhere not to forget.

2. Hide the login page URL and redirect the wp-login.php.

By default, WordPress loads the login page called wp-login.php, but even if you type http://example.com/wp-admin, you will be automatically redirected to a wp-login page.

If your WordPress is already installed in a unique directory (a subdirectory), you’ve added a directory between your domain name and wp-login.php.

However, even if you’ve invented the unique name for your directory, if a hacker tries to go to http://example.com/wp-login.php by typing wp-admin, they will be redirected to the correct login page which will look like http://example.com/ghgjgf/wp-login.php.

To prevent this redirect, you need to lock down access to wp-login.php and redirect it to any page you want or a 404 error page, and then replace it with a fully custom login URL which will also be hard to predict.

Of course, you should create something easy to remember for you and hard to guess for others. For instance, this can be something like http://example.com/ghgjgf/hitt or anything else.

We’d also like to present some useful plugins which will help you secure your WordPress login page as well as provide many more great features:

1. Tartarus Bot Ban & Crawl Control Plugin for WordPress

With the help of this plugin, you can cast out the bad bots that crawl your website. You’ll be able to create a bad crawler trap that will block further access of ‘bad bots’, however, that doesn’t refer to the rules you defined in the robots.txt file.

The solution allows you to automatically block all known bots including the ones with real SEO value – GoogleBot, BingBot, Yandex, etc.

View Demo

2. WP Security Manager

This is a good security plugin that will help to block malicious IPs automatically and manually, prevent from keylogging with a virtual keyboard, and hide wp-admin as well as change wp-login URL.

More features of the plugin include bot protection with captcha in login, register & comment forms, protection from brute-force login attacks, login activities supervision, admin detection, and username change, and more.

View Demo

3. WP Magic Link Login – Passwordless Authentication WordPress Plugin

This solution allows to secure your website by allowing your users to login without a password. After submitting the email address, they’ll receive a secure login link via email that will have an expiration time from 1 to 60 minutes.

When the user accesses the link, it will automatically login without asking a password. You can also enhance the security by restricting users to login from the same IP address that requested the link.

View Demo

Conclusion:

As you see, it’s easy to protect your WordPress login page either by your own or using any available readymade solutions. Keep staying with us to read more tuts and other exciting things that will help you build and run your WordPress website with simplicity and fun.

melany hollywell wpdaddy
wpdaddy

Hi! I’m an experienced writer exploring WordPress for more than 5 years. I’m happy to share my knowledge and ideas with you and I hope you join me.

Cheers,
Melany H.

Share this post:
Related Posts
January 28, 2019

Business Consulting and Finance WordPress Themes for Modern Entrepreneurs

Today we are happy to present a fresh collection of business and corporate WordPress themes suitable for consulting, finance, investment, insurance, agency, and many...
Read this post
October 20, 2017

Christmas Icon Set for Your Holiday Designs – Instant Freebie Download!

Christmas is both a religious and cultural celebration, and it is a favorite and one of the warmest family holidays for billions of people around the world. We all w...
Read this post
Subscribe to our Newsletter
Never miss out on the latest news, updates and tips. Subscribe now!
Download Revolution Slider Here!
revolution slider image
Categories
  • Art and Culture
  • Blog and Magazine
  • Business
  • Cars and Transport
  • Cleaning and Janitorial
  • Crypto ICO Token Sales
  • Design
  • Directory and Listing
  • Education
  • Entertainment
  • Events
  • Fashion
  • Free Themes
  • Freebies
  • Gutenberg
  • Health and Beauty
  • Hosting
  • Industry and Construction
  • Inspiration
  • Interview
  • Kids
  • Landscape and Gardening
  • Multipurpose
  • Non-Profit and Charity
  • Pets and Animals
  • Photography
  • Plugins
  • Portfolio
  • Real Estate
  • Restaurant
  • Reviews
  • Sports
  • Technology
  • Traveling
  • Tutorials
  • WooCommerce
Popular Posts:
  • Best Face Generators to C...
  • How to Add Video in the S...
  • How to Enlarge Images Whe...
  • How to Center a Shortcode...
  • How to Fix ‘Browser...

Copyright © 2020 WP Daddy. All Rights Reserved.

Follow Us: