How to secure your WordPress Login URL

How to secure your WordPress Login URL

March 10, 2021 / Eternal Team

WordPress is one of the many popular Open Source Platform which will help you host your content which can widely range from blogs on anything to your enterprises main-page. It is probably an easy and power-packed blogging and website content management system (CMS). It is so famous that it powers a 26.4% of the internet as well as the most used CMS as it has almost 59% market share in CMS usage as well as interestingly, on a daily basis almost 500 sites are created on WordPress.

Amazon Web Services (AWS) on the other hand is leading the cloud market by providing extremely customizable/tweakable cloud infrastructure as well as to-your-liking custom solutions for your cloud hosting requirements

So, anyone can easily find the default login page by adding ‘wp-admin’ or ‘wp-login.php’ in the URL. Hackers can use different strategies to hack your website, and one of the most common is ‘brute force attack.’

In this way, attackers try to gain access to your website by guessing the login password of your site. One way to secure your login page is to change the login URL of your site.

This blog will help you to change the WordPress login URL without a plugin.

The wp-login.php file is to contain all the codes that generate the login page and handles the login sequence.

When you rename the wp-login.php file, it will change your login URL. All you have to do is access the files of your site with a text editor.

There are 4 things we are going to do

  • Download the ‘wp-login.php’ file.
  • Change the login URL.
  • Upload the new file.
  • Test the new file.

Download the ‘wp-login.php’ file

First login to your sites administrative area using your id and password. Now go to file manager > public_html and download the ‘wp-login.php’ file.

Change the login URL

Now rename the file with the URL you used.

Now simple Upload the new file

Again login to your sites administrative area and go to file manager. Now click on the ‘upload’ button and upload the file that you modified. Then delete the ‘wp-login.php’ file.

And Test the new file Now you can log-in with the new URL. Type your site URL with the new name. Any requests to ‘wp-admin’ or ‘wp-login’.php will lead visitors to 404 not found page.


Talk to AWS Certified Consultant

    Want to start a project?

    It’s simple.

    Contact us