WordPress Admin Login seems to be a new label to newcomers. Usually, they have to spend quite a lot of time logging in to WordPress. Besides, hackers usually use the method “brute force attack” to take control of your website. Here, they will try to break into your WordPress site by using an enormous variety of usernames and passwords combinations. With the file WordPress admin URL named “wp-admin”, it becomes much easier to be got over. Therefore, we have come up to help you acknowledge and change your admin login URL.
Why is WordPress Admin Login Important?
You will instantly have access to your WordPress admin dashboard once you have installed WordPress on your site. In there, users can prepare and edit anything before/after publishing the web. In another way, the WordPress admin dashboard keeps others from editing and managing your site. You can’t gain full management of your site when you don’t have the WordPress login admin’s access.
How to Find the URL of Your Site
On a Domain
To reach your site’s login tab, you will add /wp-login.php, /login/, or /admin/ at the WordPress login URL’s end. If you are using a subdomain or a subdirectory, you can do the same thing. Thus, it will take you to the WordPress login tap/popup/page on your site.
On a Subdomain/Subdirectory
You can use it when you have just installed new WordPress. However, you may accidentally install on a subdomain or a subdirectory. If so, you can add a closing slash with /admin/, /login/, or /wp-login.php. You will be taken to the site’s WordPress login tab. In the site option, you may set up the “Remember me” option to keep you unforgettable on the site.
Login Tab for WordPress: How to Change It?
The biggest priority you should make to your site is to make your site safe and away from bad people (hackers, scammers, etc.). Once they can get access to your admin dashboard, they will begin to mess up everything or even take control of your site. Besides a long and hard to predict password, you should take other precautions to prevent site security breaches.
You should change your WordPress admin login URL. It can prevent hackers or put up a serious fight with unexpected outside attacks. As has been said, the brute force attack is an attack that vicious people will attempt to guess out your usernames and passwords time after time using an enormous list of leaked usernames and passwords. Besides, they have scripts that automatically try thousands or millions of different attempts for them. In our opinion, they may have a high opportunity of successfully logging in to your WordPress management dashboard if the username is in the leaking list. If you reveal your WordPress login URL, hackers and scammers can simply access your site. Well, the consequences will be unpredictable. Therefore, you should deliver your login page to other places.
Alternate the Login Tab with a Plugin
A plugin is the simplest way for you to alternate your WordPress admin URL. We suggest you should use the WPS Hide Login plugin for the best outcomes. Trusted by over 900000 users, this plugin is very light and does not change your files and settings. Also, the plugin is compatible with other plugins like bbPress and BuddyPress.
First, you have to download and install it to your WordPress theme. Next, you will provide the new login URL path in the “Login URL” section in the plugin’s setting options. In the area “Redirection URL”, you add a particular redirecting URL. It will trigger when a person attempts to gain access to the wp-admin directory and wp-login.php tab or site while not being logged in. Finally, choose “Save Changes”.
Remember, if you confirm this process, your site will remove the old URL and you have to update your bookmarks. In case anything happens, remove the plugin via SFTP on your server. There are some alternative plugins for you to make it possible. Although this method is quite careful, professional hackers can still figure it out and make it through this plugin protection. Otherwise, normal or newbie hackers can’t get through this protection.
Thus, you should take care a lot about this problem. Your site is your business, dream, and career, and you don’t want anyone to mess it up for their purposes. Particularly, the more widgets and protections you own, the fewer chances the hacker can have to archive to log into the WordPress management page.
On the other hand, you can avoid some significant errors in WordPress like “429 Too Many Requests”. For more information, the error will come up when you send too many requests in a period.
Edit and Manage the File .htaccess
Besides a plugin, you can edit the file .htaccess to hide or change the WordPress login link. Appeared in cPanel, the file can control your login tab including usernames and passwords. There are 2 ways for you to hide it safely. First, protect your .htaccess file with an .htpasswd file. In this way, people logging in to your login tab must enter a password. Or, you may use a .htpasswd widget for your site’s password protection. Second, allow access to your site from a trusted IPs list.
Restricting login attempts
This is a quite new tool for users to make WordPress login URL. In the market, you can download a free plugin to take care of that.
The plugin offers 2 options: Allowed Retries (provide several re-attempts before locking) and Total Lockouts (provide hackers’ info and lock their IPs). From our experience, the acceptable retry times should lie from 3 to 6. 3 to 6 is the right amount for people to realize the wrong places and fix them. Well, we all love a second chance, right?
Besides, you should set it usually since your site has lots of guests but who knows if there is a hacker or more.
- Minute lockouts: Describe how long it will take to lock out a login turn. To us, the worst opinion is to set the time duration to “Forever”. It will sometimes cause malfunction and low-loading sites. 20-35-minute should be fine for everyone.
- – Increased lockouts: Professional hackers won’t let your site go easily like that. They will be back with other brute force attacks. Therefore, the most suitable way is to lock them out from logging in to our site. 1-2 days will be the proper period.
- Hours until retries: This is very normal when people log in the maximum allowed times but don’t pass. Normally, you will set a waiting time based on your interests and circumstances.
On the other hand, it offers users a trusted IPs list, whitelist, and blacklist.
Fix the Most Popular Issues with a Plugin
With most people, it’s very easy to log in and get familiar with WordPress. However, some don’t. After years of working, we have realized the main problems:
- Issues to change WordPress login URL.
- Issues with cookies.
Let’s fix them together!
Forgot/Lost your Password
If you can’t log in and the page notifies below the password filling area, it might be from the login check. First of all, you know, you should check whether you type in the correct username and password or not. Surprisingly, 90% of users have at least one time made this simple error.
If wrong typing is not the reason, you should change your WordPress password. First, choose “Lost your passwords?” Then, you will be led to another page where you will enter your email address or username. The site will send you a new password to log in.
Manual phpMyAdmin WordPress Reset Password
What if the manual changing password is not as easy as working to WordPress change login URL?
Well, it is about time to think about using phpMyAdmin. If you are not confident doing this, please contact WordPress developers or experts to get it done.
With the other, you can reset passwords when managing password files in the database. Remember, back up all your site’s files before doing this. Now, let’s get started!
First, log in to your phpMyAdmin. In the left-side database, you will navigate to the file wp-users and click edit beside the planned user. Look for the user_part area and enter a new password. Also, you have to choose MD5 in the function menu and then click “Go”.
Well done, you have just done re-changing the password with phpMyAdmin. The last thing to do here is to test whether the new passcode is accessible or not.
Manage Web Cookies
In some cases, your cookies prevent you from logging in because of some errors below:
Your browser does not support or block the site’s cookies. Therefore, you need to enable cookies to allow WordPress.
WordPress login function needs cookies to work on. Firstly, you should check the cookies enabling of your browser. Otherwise, you may clear your browser cache or open the site in Incognito mode. In case those ways don’t work, you may add this code line below the file wp-config.php right before /* That’s all, stop editing!…*/
It will become:
define(‘COOKIE_DOMAIN’, false);/* That’s all, stop editing!…*/
If you are working on a WordPress multisite, look for the file sunrise.php in the folder wp-content and rename it to sunrise.php.disabled. In WordPress 4.5, you don’t need a plugin to map domains anymore. If you can’t do it, contact your WordPress developers for more help.
The WordPress login page is very important as it is the gate for you to edit your site and prevent others from changing or taking control of your site. Therefore, you should acknowledge yourself to save time and effort for other works. Besides, you can change your WordPress login URL to protect your site, too.
We hope you have learned much about how to find and change your WordPress admin login URL through our article.