How to Change WordPress Admin URL to Protect Blog From Hackers?

8
263

Every day on Internet thousands of websites hacked by hackers because of less security. Especially WordPress websites getting hacked every day because it has huge popularity throughout the world. So automatically hackers try to hack WordPress blogs and websites. Here problem comes from with WordPress default admin URL because most of the bloggers and website owners use the default URL which comes after installation of WordPress on database. WordPress already said about this and they recommended changing the default username “admin” to other username. But these precautions don’t stop your website getting hacked from hackers.

So what to do? Here we come up with another approach which increases your WordPress blog/website security 10 times better than before.

How to Install and Configure Lockdown WP Admin Plug-in?

Here is the basic information about how to install and setup Lockdown WP Admin plug-in on WordPress blogs/websites.

  • First Login to your WordPress admin dashboard by entering username and password.
  • To get perfect results with this plug-in your site must have permalinks.
  • Now just navigate to plugins from the sidebar menu and click on Add new option to install new plug-in.

plugin installation on wordpress

  • Type Lockdown WP Admin in the search box and click on Search button to get search results. Click on Install Now Button to install it on your WordPress blog.

lockdown wp admin installation

confirmation dailogue box

  • Once the installation process complete, click on Activate Plug-in to activate Lockdown WP Admin plug-in.

installing lockdown wp adminplugin

  • Now Launch Lockdown WP Admin from the sidebar by clicking on Lockdown WP and select Lockdown WP.

lock down wp

  • First of all you need to select the box “Yes, please hide WP Admin from the user” and change the admin URL from WordPress login URL section with any name which is not easy to guess by any one.

hide wp admin url on wordpress

change default url of wordpress

  • In HTTP Authentication leave the field same that means keep “Disable HTTP Auth” as the default option and click on “save options” to save all these settings.
  • If you use HTTP Authentication then you need to create secondary WordPress Admin .htaccess password. This secondary password will be useful even if someone guess your secret admin URL too. If you use WordPress Login Credentials then you need to enter primary username and password to gain access secondary username and password.
  • Alternatively you can also use “Private Usernames/Passwords “ to set secondary username and passwords from Lockdown WP>Private Users Section.
  • To check whether it’s working or not, just logout from the WordPress dashboard. Now enter old WordPress admin URL and you’ll see 404 not found error page. Now on wards you need to use WordPress secret admin URL to login into WordPress dashboard.

logout wordpress

not found page in wordpress

Remove WordPress Meta Widget to Stop Exposing Secret Login Url:

Actually professional bloggers doesn’t keep this meta widget on their blogs but if any case you forgot to remove this widget then follow the below steps and remove Meta Widget.

1. Click on Apperance and select Widgets from the menu.Now you will see all activated and deactivated widgets at one place.

widgets on wordpress

2. In Primary Sidebar you’ll have all active widgets,click on Meta widget and delete from the list.

remove meta widget on wordpress blog

You can check the below screenshot which exposes the secret admin url before removing meta widget.

meta information on wordpress

There is another method to remove meta widget from wp files but all files are restored again if you update your WordPress dashboard.

Now no one can hack your website by accessing WordPress default admin URL.If you have any doubts while installing this process please leave a comment below.

8 COMMENTS

  1. Hi Raman,

    Security is one such aspect of blogging that we just can’t afford to compromise! One mistake and the consequences can be dire!

    The plugin you introduced before us in this article is very useful indeed! No doubt about the capability of that plugin. You also very well described the process of getting it installed and started!

    I appreciate the use of screenshots by you. Good use of screenshots made running through the installation process much easier!

    Thanks for sharing this useful post! 🙂

    Arun

  2. Thanks a lot for providing such a great information regarding wordpress security. However, we can also use Better WP Security plugin to change WP Admin URL and there are lots of other features in it.
    Note: Better WP Security is now iThemes Security.

  3. This is really a helpful article. I didn’t know about this plugin and its usefulness before. I was really worried about my WordPress site security. But Now I am tension free that I got this excellent tips from your article. I want to use this plugin on my site that will protect me from hackers. Thank you so must for sharing with us.

  4. Excellent post and one that needs to hammered home over and over. So many WordPress sites I work on have all of the default admin url when it is such a simple thing to change it.

Comments are closed.