WordPress is a very popular CMS and millions of users are using WordPress for their business or others stuff. Hackers also target WordPress to spread malware or down the website. There are some common ways to attacks any WordPress website. One of the main ways is running script by using the default URL. Everyone knows that WordPress admin URL is “wp-admin” or wp-login.php. So it is very easy to attack with the default login URL which is wp-admin or wp-login.php.

So how we can make our WordPress website more secure? There are many steps to do it. Some of are:

1) Change WordPress admin URL
2) Take regular backup
4) Set file permission
5) Limit the attempted login

Change WordPress admin URL to improve security

There are two ways to change WordPress admin URL to improve security.
1) By using Plugin: Who are not tech people but want to change WordPress default login URL without writing any code then use a plugin.
2) Write code: If you know the WordPress and PHP then Edit some files (Do not do it if you are not familiar with Code and always take a backup of your website) of your website.

I will show you step by step that how to change WordPress admin URL in both ways.
A) Change WordPress default login URL by using Plugin

1) Lockdown WP Admin: Lockdown WP Admin is one of the best and easy plugin to use to change WordPress default login URL. It is very easy to use and it is free. Follow the steps to use Lockdown WP Admin.

Step-1: Search and active the plugin Lockdown WP Admin

change WordPress admin URL

Step 2: Go to the admin menu from left side. In the setting you will WordPerss Login url input box. write your login url as your demand. I have wrote ‘custom-login’ for example and save it.

change WordPress admin URL

Step 3: Done!! If you login with “wp-admin” or ?wp-login.php” then it will show the 404 page.

Step 4: Login to WP with your given custom url. I have given “custom-login” as my custom login URL. It is perfecly Working.

change WordPress admin URL

2) WPS Hide Login: Another Great plugin to change WordPress default login URL is WPS Hide Login. It is also free and easy to change. To use this plugin just follow the steps.

Step-1: Install and Active the plugin.

Step-2:  You will see an input box named login url. Give you desire login url text and save. You have done.

Step 3: Go to browser and write try to access with default URL which is “wp-admin” or wp-login.php it will show 404 page,

Browse with your custom login URL text for my case it is “secure-login”. It will show the admin login area.


There are many security plugins for WordPress whose also provide to change WordPress admin URL facility like All in one WP Security, iThemes security, BulletProof Security and so on.
B) Change WordPress Admin URL without the plugin
Step-1: Write the below code in .htaccess file (which is in your root folder) immediate after <IfModule mod_rewrite.c>.

RewriteRule ^securelogin(.*) wp-login.php?%{QUERY_STRING}


Step-2: write the following code in the functions.php file in your theme.

add_filter( 'login_url', 'custom_login_url', 10, 2 );
function custom_login_url( $login_url, $redirect ) {
return str_replace("wp-login.php","securelogin",$login_url);

add_action( 'login_form', 'replace_default_login_form',1); 
function replace_default_login_form() {
$custom_login = ob_get_contents();
$custom_login= str_replace("wp-login.php","securelogin",$custom_login ); 
echo $custom_login;

Now you can login with custom URL which is www.yourdomain.com/securelogin/
And default “wp-admin” URL will show the 404 page.

Congratulations!! Now you know how to change WordPress admin URL. Thank you for reading the article. For fresh content and WordPress Tips connect with Your WordPress Expert.  We will be happy to help you.