As we all know, the WordPress default login URL is “/wp-login.php” or “/wp-admin,” which redirects the user to the Admin login page. For example, http://www.example.com/wp-login.php. So it is effortless for hackers to destroy your dreams within minutes, hours, or maybe in some days, depending on the Hacker’s skills.
All we need to make secure our websites and should take the necessary steps as soon as possible. It is effortless to know the platform, running theme, user login address (URL), and have used software/tools and even any tool in the default WordPress website installation.
There are three reasons you should care about our WordPress website security. (This tutorial is especially for beginners)
- It is effortless for hackers to tell if any website is a WordPress website but inspect the page’s source and see like /wp-content/themes/style.css and /wp-content/plugins/ etc. Once someone knows your site is a WordPress site, it’s effortless to know that your login Address is /wp-login or /wp-admin.
- You should also know that by default, WordPress creates an “admin” username. Now HackerHacker has your login address login username. Only one step is remaining, which is guessing your password.
- Even if you have changed the “admin” username and are using a strong password, the Hackers will keep trying and waste your server’s resources and cause taking down your site.
Check out: How to Earn Online is a Columnist?
How to hide the WordPress default login URL
The short and lovely answer is to install, activate, and configure the WPS Hide Login WordPress plugin.
- WPS Hide Login Plugin is quite easy to configure.
- Install and activate the plugin
- Go to setting/General Settings
- You will find the “Login URL” and “Redirection URL” fields at the end of the page.
- Just change /wp-admin into whatever slugs you want to choose, for example,/login /ex-login, etc
- In the Redirection URL field, type 404