How to Change Your WordPress Admin URL

Using special WordPress plugins permit you to edit the WordPress default login URL. Meanwhile WordPress brute-force attacks are now more regular. Changing the default login URL to customized URL will stop attackers from opening your admin login form.

Following the steps below you will learn how to change the WordPress default URL. For this purpose you will use Lockdown WP Admin and iThemes Security plugins.

NOTE: Before continuing with any changes, ensure that you had complete backup of your site. If you have built your site using Softaculous script installer, feel free to use this guide for backup as well.

Lockdown WP Admin

1. First of all install and activate Lockdown WP Admin plugin:



2. When you have installed and activated Lockdown WP panel and enabled Hide WP admin feature, then enter the desired login URL:

3. Select the verification method:

If you use one of the HTTP Auth options the plugin will also allow you to generate a secondary WordPress admin details. The secondary password and username would have to be entered in even if anyone has predicted your top-secret login URL. The following verification pop-up window will come up:

WordPress Login Credentials:

Selecting this option will prompt you to your regular WordPress hosting admin username and password, prior to get access to the genuine WordPress admin login page.

Private Usernames/Passwords:

In case you consume it, you are able to design a new secondary login from the Lockdown WP > Private Users section.

Save these changes and log out your WordPress Admin console. You must see the new login URL you set, while /wp-admin or /wp-login.php will serve a 404 error page.

iThemes Security

1. Install and start iThemes Security plugin:



2. Switch to Security and then Settings:

Select All:

Find Hide Backend section and click Configure Settings:

3. Click on allow Hide Backend feature:

In the Login Slug field, put your new login position

When your changes are done, press Save All Changes

Unluckily, just editing the login URL itself is not sufficient. Since the plugin also updates the Meta widget in WordPress with the new updated URL so it is required to eliminate one of two things. You need to either remove the whole widget or just the Log in link:

Eliminate Meta Widget from WordPress

1.       Log into your WordPress Admin console. Go to Appearance and then Widgets:


2. Tap on Meta widget and then press Delete:

Eliminate the Log in link

1.       Log into your cPanel provided by Sky Host and use your File Manager menu

Navigate to your /WP-includes directory. Press right-click on the general-template.php file and then press Edit:

NOTE: You need to make sure that you copy the general-template.php file prior to performing any editing. You can download it to your personal device or copy/paste it to another directory within your cPanel.

2.       You need to look for the code given below:

$link = '<a href="' . esc_url( wp_login_url($redirect) ) . '">' . __('Log in') . '</a>';

Put a comment using two forward slashes //

3.       Insert the following code on the next line:

$link = '';

The ending code must look like this:

function wp_loginout($redirect = '', $echo = true) {

 if ( ! is_user_logged_in() )

  //$link = '<a href="' . esc_url( wp_login_url($redirect) ) . '">' . __('Log in') . '</a>';

    $link = '';


4.       Go to your website. You must now get that the login link is disappeared from the Meta widget:

In case you need further help then contact our HelpDesk.