Change wp-admin and/or wp-login.php urls with anything else

This suggestion could be added to Ultimate Branding plugin. Or maybe new plugin to think over :wink:

I'd love to be able to hide the "/wp-admin/" and "/wp-login.php" and change them to someting like /my-admin/ and "/my-login.php"

They are multiple pros to do that.
1) easier url to remember for our clients
2) Security issue. Hackers often attack wordpress. If they can not find the admin and login url, it is a little more difficult :wink:

What do you think about ?


  • aecnu

    Greetings visitonweb,

    Thank you for your feedback it is greatly appreciated.

    There are many way to hide the login and signup URLs and plugins that specialize in doing just that.

    WPMU Dev Anti-Splog plugin hides the wp-signup.php file.

    Hide Login plugin allows you to create custom URLs for logging in, logging out, administration and registering for your WordPress blog.

    Thank you for being a WPMU Dev Member!

    Cheers, Joe

  • Ajay


    Quick Solution.

    Please take back up of your .htaccess file in site Document Root directory.
    so in case of any issue you can revert the site in working mode.

    after line RewriteEngine On

    if your wordpress install in sub directory ex: http://localhost/wordpress
    then modify or add below line
    RewriteBase /wordpress/

    If your site is in server DOCUMENT_ROOT then
    RewriteBase /

    You can use any other your choice url ex: admin , my-admin etc. instead of login i mention here.

    # just these two lines will work - adding slash and hide login file
    RewriteRule ^login$  login/  [R=301,L]
    RewriteRule ^login/$ wp-login.php [NC,L]
    # this is for when logout , so not rediret to wp-login
    RewriteCond %{QUERY_STRING} ^(.*)?loggedout=true$
    RewriteRule ^(.*)$ http://%{HTTP_HOST}/? [L,R=301]

    if above line will not work for any reason ,
    then try below mention

    Both options works , i used in routine

    RewriteCond %{REQUEST_URI} ^(.*)?login$
    RewriteRule ^login$ login/ [R=301,L]
    RewriteCond %{REQUEST_URI} ^(.*)?login/$
    RewriteRule ^.*$ wp-login.php [NC,L]
    # this is for when logout , so not rediret to wp-login
    RewriteCond %{QUERY_STRING} ^(.*)?loggedout=true$
    RewriteRule ^(.*)$ http://%{HTTP_HOST}/? [L,R=301]

    after that you will be able to use url like below to login your site


    not need to install any plugin and save unnecessary load on site.
    Its fastest.

    If you see error like this:

    "Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request."

    means you did some mistake in file, try to correct,
    or revert to your previous backed up .htaccess file.
    and try on your local or other development site.

    Note: Please do not try on live site , if you did not have any experience with .htaccess
    or ask help from any developer / expert.

    advice to try on localhost first, so you can have idea of error and resolution.


  • Ajay


    Here we are doing url masking with htaccess.
    and redirecting login url to wp-login.php in backend.

    For removing "wp-login.php" we have to remove / rename this file from server and do the other programming with custom code and have to write sort of plugin etc.

    I can do but right now busy in some project. If you could consider sponsor
    this project then will think on this. do email.

    Note: its very strange we Love wp but hate its url. I know lots of others php framework and cms, never i heard of change url etc.

    I will start some big project for this wp removal , asap i got time and money for this. right now i am struggling with financial.


Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.