How To Change
Wp-Admin URLs

How Hide My WordPress Ghost can help you to have a secure website

Your site’s wp-admin page is certainly one of the most vulnerable pages on your website.

Protecting the WordPress admin area from unauthorized access allows you to block many common security threats.

In the following you will learn how to protect your WordPress admin area from hackers.

What is wp-admin login URL?

The WordPress admin page URL (or ‘login URL’) is the web address you visit when you want to access the back-end of your website.

If you are looking to do some administrative tasks around your website it is easily possible to do so through

https://www.your-domain.com/wp-admin.

Unfortunately, this fact is also a common entry point for attackers who utilize this knowledge and use this path as an attack point for hacking attempts via the brute force methods.

How secure is WordPress admin?

Brute force attacks are a common type of hacking attempt which consists of little more than repeatedly guessing username and password combinations until the right login credentials are obtained.

There are various methodologies which hackers make use of but more often than not attackers get into websites and accounts the same way anyone else does – by somehow obtaining access to the login credentials of an account at your site.

Why is it important to secure your wp-admin?

Hackers may have a number of different reasons why they may be targeting your WordPress website.

We have listed some extremely common examples to give you a better idea as to why your site may be a target:

Inject Malicious Content
To Steal Money
Steal Visitors’ Personal Informations
Spread Viruses
Steal Business’s Private Information
Use Your Web Server to Host Phishing Pages
Steal Your Server Bandwidth
Overload Your Web Server
Vandalize Your Website
For Fun or To Get Attention
To Disrupt Service

The moment hackers realize that your site is a WordPress site, they will automatically know your WP-Admin path.

It is also common knowledge that WordPress creates an “admin” username by default.

With these pieces of information, the hacker has ⅔ of everything required for login. All they have to do now is guess your password.

Hackers do not know if you have a more complex username and password combination and so they may continue to try their luck continuously for long periods of time.

This process is taxing on server resources and opens the possibility of your site being shut down.

how do you change wp-admin path?

How do you change your wp-admin URL

using Hide My WP Ghost Plugin

Security tip! Do not use names for the login URL like login, logon, admin or backend.

If you use Hide my WP GHOST for protecting your website you can hide the login page and wp-Admin page and change it; follow these steps:

1. 1. Login to your Hide My WP Ghost Dashboard.
  2. Go to Hide My WP > Permalinks
  3. Change the “Custom Admin URL” from /wp-admin/ to newadmin (or whatever you changed it to).
  4. Click to change the settings and follow the relogin instructions.
  5. For this settings the plugin it’s free

Important! The path will not be physically changed on your server. You will be redirected to the new admin path every time you login to admin.

There is a simple yet effective manual process that allows you to change your WP-Admin URL and has the ability to keep potential attackers at bay. This manual process is different from a type of server to another.

Unique URLs are much more difficult to guess and are therefore less likely to be targeted. However, this manual process may not be the best strategy.

You can choose to change it manually but you have need to assume some risks:

- Every time you update WordPress, it will recreate the login page file. This means you’ll need to change the URL all over again.
- Manually changing your login page URL can create errors with your logout screen, and cause other issues with important site functionality.
- Can affect the website functionality because many plugins and themes don’t work if your physical paths are changed.

What Can You Do For More Powerful Security &
how can ‘Hide My WP Ghost’ help you?

You can look at the page’s source and see things like

/wp-content/themes/style.css, /wp-content/plugins/, /wp-content/themes/, /wp-admin/wp-install.php, /wp-content/upload/, /xml-rpc.php etc.

All these URLs are vulnerable to hackers and hiding them is important as well.

Hackers don’t access only /wp-admin and /wp-login.php paths to hack your website.

All the vulnerable paths, including the one from the installed plugins, can be a way for the hackers to get through and infect the entire website with viruses.

Hide My WordPress Ghost is an easy to use product designed to provide you with the best protection against hackers. When you start using this plugin, you will be able to hide the fact that you are using WordPress on your site.

Being able to cover up the common paths is critical, because you get to keep intruders away from sensitive website data.

This is crucial, and it will provide you with a great experience and really good results in the long term. It will surely be worth it, not to mention that hiding the common paths will make hacking a lot harder as well.