WordPress is the world’s most popular CMS—for both users and hackers alike. About 90% of all sites that get hacked are WordPress sites, and according to Security Magazine, there is an attack every 39 seconds on the web. Naturally, non-secure usernames and passwords increase the odds of success for these attackers. One way to help safeguard your site and increase your security is to change your WordPress login URL.
Think it sounds a bit complicated? It could be if you opted to try to change your WordPress login URL manually. However, there are some quality plugins, such as Search WPS Hide Login, that make it super easy to change your login URL—no web development knowledge necessary.
Here’s how to change your WordPress login URL in four simple steps:
1. Log In to WordPress
Shortcut: Your domain name plus /wp-admin/ (e.g., yourbusiness.com/wp-admin/)
To start, navigate to your WordPress dashboard. You can log in to your account by using your domain name plus /wp-admin/ (e.g., yourbusiness.com/wp-admin/).
If you have any trouble logging in to your account, learn how to find your WordPress login URL.
Log in to WordPress
2. Back Up Your Site
Shortcut: Settings > UpdraftPlus Backup Backups > Backup Now
Once you’re in your WordPress dashboard, you need to back up your site. This is because while changing your WordPress login URL shouldn’t impact your site, it’s worth playing it safe.
If you don’t already have a way to back up your site, install the Updraft Backup plugin. It’s a top-rated plugin that’s free and makes it easy to back up your site. Then, navigate to “Settings” from the left-hand menu, click “UpdraftPlus Backup Backups,” and click “Backup Now.”
For extra assistance, follow the step-by-step instructions on how to back up a WordPress website.
Back up WordPress using UpdraftPlus
3. Go to Plugins & Install WPS Hide Login
Shortcut: Plugins > Add New > Search WPS Hide Login > Install > Activate
After backing up your site, the next step is to install the WPS Hide Login plugin. To do this, go to “Plugins” from the left-hand vertical menu and click “Add New.” Then, use the search bar to search for “WPS Hide Login.” Once you’ve found it in the search results, click “Install” and then “Activate.”
Install the WPS Hide Login plugin
4. Create a Custom WordPress Login URL
Shortcut: Settings > WPS Hide My Login > Update WordPress Login URL
The last step is to actually create a custom WordPress login URL. To do this, navigate to “Settings” from the left-hand menu and click “WPS Hide Login.” Once on the page, scroll down to the “Login URL” and input your custom login URL in the text box. When done, click “Save Changes” at the bottom of the page.
Caution: Be sure to save your new WordPress login URL. Without it, you won’t be able to log in to your account.
How to change your WordPress login URL using WPS Hide Login
Reasons to Change Your WordPress Login URL
The main reason to customize your WordPress login URL is because it helps secure your site and decrease your chances of cyberattacks. Since WordPress automatically creates the same default login URL for all websites, it’s easy for hackers to tell that your site is built on WordPress, and with that, easy to access your site. In addition, by keeping the default login URL, your site is more susceptible to a brute force attack.
Why you should change your WordPress login URL:
- It’s easy to tell if you’re using WordPress: Step one in hacking a site is first knowing which content management system (CMS) you’re using, and anyone can easily tell if you’re using WordPress if you’re using the default login URL.
- Everyone will know your WP login URL: Sure, this doesn’t mean they automatically know your username and password. However, it’s the next step in hijacking your account. If you make it easy for them to find your login URL, half their work is done.
- It becomes a lot easier for others to access your account: Once hackers have your login URL, they can begin the process of elimination in guessing your username and password.
Frequently Asked Questions (FAQs)
How often should I change my WordPress login URL?
Short of being a high-risk site, such as a massive ecommerce website with millions of visitors and tons of sensitive user and payment information, you probably don’t need to change it more than once. Bots are automated, so most are scanning for WordPress sites that use the default login. When bots come across your site and see that your login page is not accessible from the default /wp-admin/ slug, they’ll move on.
How do I remove WPS Hide Login?
In the instance where you’re not happy with WPS Hide Login, you can convert your site back to its former state by going to “Plugins,” deactivating it, and then deleting it. Afterwards, go to your website backups and restore your site to its most recent version to return to the default /wp-admin/ login URL. Keep in mind that if you’ve added any new blog posts or made any other changes to your site since your last backup, they will be lost when you restore your site.
How do I improve my site’s performance?
Website security and performance go hand-in-hand. After securing your site, improve your site’s performance by removing plugins that you’re not using, upgrade to a faster web hosting plan, optimize images and videos, reduce redirects, enable cache, and compress files. Learn more about the different ways you can improve your site’s performance and find the best website performance tools for your business website.
What other ways can I improve site security?
There are a number of different ways you can improve your website’s security, including removing unnecessary plugins, keeping your version of WordPress up to date, using a virtual private network (VPN) to keep your network secure, and changing user roles and permissions. For detailed insight, get all of the small business cybersecurity tips to help safeguard your site and your business.
Conclusion
Changing your WordPress login URL is a small, yet important step in protecting your small business website from a brute force attack. The easiest way to create a custom WordPress login URL is by using a plugin such as the leading WPS Hide Login plugin. It makes the process incredibly simple and doesn’t involve technical expertise like manually changing it does.
You Might Also Like…
- In the early stages of building a site? Follow the step-by-step instructions on how to make a WordPress website (including a tutorial video).
- Have an online store? Learn more about ecommerce security.
- Learn how to create a better user experience (UX) and increase your conversion rate by incorporating UX design into your site.
Submit Your Comment
You must be logged in to comment. Click a "Log in" button below to connect instantly and comment.
LOG IN