As WordPress power most of the websites on Internet so it becomes very important to maintain its security.As WordPress is developed by Developer taking account of its security.But they left some customization on users these include URL changing, link structure and much more …Most of us don’t bother about the admin URL that “http://www.yourdomain.com/wp-admin” which can be brute forced
brute forcing applying various combinations of Usernames and Passwords until they matched with correct one!
by the attackers and it will be very hazardous.We must change some default setting to improve our Website security.In today’s Post, I will mainly focus on to change admin URL methods.
Changing the admin URL Using WPS Hide Login plugin.
It is available in WordPress plugin store.Just search for WPS hide login and install it.
Go to Installed plugins >> WPS hide login.
click on settings and change the admin URL [ remember this URL !].
Using protect your admin plugin.
Install and activate from WordPress plugin directory.
Go to Protect your admin >> settings.
Enter you admin slug.
if you Enter slug as "admin" your admin URL will be "http://youdomain.com/admin".
- You can customize your login screen by Tab “loginPage style”.
- You can set permissions for each user
Some points to remember:-
- Never choose admin slug as the most common keyword like admin, login as they are easy to guess.
- Always use complex passwords with using !@#$%^&:;
- Get an SSL certificate installed on your web server and always use HTTPS protocol to browser admin otherwise, you may be the victim of MITM attacks.
- There are ton’s of plugin available on the market use them to regularly check for vulnerability and malware and always keep your WordPress installation updated.
- Before using a plugin you don’t trust ..please do a backup or try it on local server [i prefer].
- Use Hide Admin Bar from Non-Admins plugin to prevent anyone accessing the admin bar.