Knowledgebase

Tag Cloud

android apple ftp gmail google drive ios macosx security

Support

Can I change my wp-admin URL for security?

Changing the /wp-admin/ access point seems to be a commonly held belief that this increases your admin security. 

Sorry - it doesn't. 

The actual login page is at yourdomain.com/wp-login.php and this is not a URL you can change as it's part of Wordpress core.

If you move the /wp-admin to something else all you are doing is causing yourself work and adding code, or a plugin that adds processing time to your site that you also have to keep up to date. Any incursion attempt by a hacker doesn't happen on this page either, they always use the /wp-login.php 

This technique is referred to as Security through Obscurity as is discouraged by all security bodies as it leads to a false sense of security. 

You should be implementing the principles of least privilege, long, secure, unique passwords, restricted privilege session times, and multi factor authentication

 

Was this answer helpful?

0 Users Found This Useful

Related Articles

Lost / reset two factor authentication in Wordpress

When you are unable to complete authentication on your WordPress account, it's likely because...

Wordpress Website Security Overview

Imagine your website is a house. It's important to keep the main door (admin account) locked, but...

Wordpress Two Factor Authentication - user security

Your website is important to us, and as a representative of your business it's important we work...

Do I need to install Wordfence / Security plugins?

There’s no right answer to this question, but in this article, we’ll provide you with some...

Administrator / Editor password resets are not working

Email by it's very nature is insecure, and is frequently compromised. This results in a trade-off...