Why Is My Custom Admin Path Redirecting to the Front Page?

Q: Why is my custom admin path redirecting to the front page?

The Hide the New Admin Path option is enabled in WP Ghost. This blocks non-logged-in users from accessing the custom admin URL and redirects them to the front page. Switch it off in WP Ghost > Change Paths > Admin Security to redirect to the login page instead.

Q: What is the difference between Hide the New Admin Path and Hide wp-admin?

Hide wp-admin blocks access to the original default /wp-admin path. Hide the New Admin Path blocks access to your custom admin path. They control different URLs and can be enabled independently.

Q: Is it less secure to switch off Hide the New Admin Path?

Minimally. Visitors who discover the custom admin path get redirected to the login page, which is protected by brute force protection and 2FA. The main benefit of hiding is preventing bots from confirming the login form exists.

Q: Can I customize the redirect for hidden paths?

Yes. Go to WP Ghost > Tweaks > Redirects and set Redirect Hidden Paths to 404 error, 403 error, or a custom page.

Q: Does WP Ghost modify WordPress core files?

No. WP Ghost uses rewrite rules and WordPress filters. No core files are modified. Deactivating restores the default wp-admin path instantly.

Moved

This tutorial has moved to the new WP Ghost Knowledge Base where each feature is presented in detail.

View on new site

This happens because the “Hide the New Admin Path” option is enabled in WP Ghost. When this option is active, your custom admin path is treated as a hidden path, so visitors who are not logged in get redirected to the front page (or a 404 error) instead of the login form. To fix it, go to WP Ghost > Change Paths > Admin Security and switch off “Hide the New Admin Path.”

Why This Redirect Happens

WP Ghost gives you two layers of admin path protection. First, you can change the /wp-admin path to a custom URL. Second, you can hide that custom URL so even the new path is not accessible to non-logged-in users. When “Hide the New Admin Path” is enabled, WP Ghost blocks all access to the custom admin path for visitors who don’t have an active session. WordPress treats the blocked request as an invalid URL and redirects it to the front page.

This is working as designed. The purpose of hiding the admin path is to ensure that only users who already know the login URL can access the dashboard. You log in through the custom login path first, and then the admin dashboard becomes accessible through the custom admin path. If you want visitors to be able to type the admin path and get redirected to the login form instead, you need to switch off the hiding option.

How to Fix It

Go to WP Ghost > Change Paths > Admin Security. Find the Hide the New Admin Path option and switch it OFF. Click Save.

After saving, when a non-logged-in user accesses your custom admin path, they will be redirected to the custom login page instead of the front page. Once they log in, they will reach the admin dashboard normally. Your admin path is still changed from the default /wp-admin, so bots scanning for the standard path still get nothing.

If you want to keep the admin path fully hidden but change the redirect from the front page to a 404 error or a custom page, go to WP Ghost > Tweaks > Redirects and configure the Redirect Hidden Paths option. For the full admin path configuration guide, see the Change and Hide wp-admin Path tutorial.

Still Redirected After Switching Off?

If the redirect persists after switching off “Hide the New Admin Path,” clear all cache (caching plugin, server cache, CDN, browser cache) and try again in a private browser window. If you are logged in and still getting redirected, log out completely, clear your cookies, and log back in through the custom login path. WP Ghost creates a browser session for the custom admin path when you log in, and stale sessions can cause redirect issues.

On some hosting environments like WP Engine and other Nginx-based managed hosts, the server may not fully support custom admin paths. If the issue persists after all troubleshooting, consider using the default wp-admin path with the Hide “wp-admin” option enabled instead, which hides the default path from non-logged-in visitors. If you have completely lost access, use the emergency disable method to restore defaults.

Frequently Asked Questions

What is the difference between “Hide the New Admin Path” and “Hide wp-admin”?

“Hide wp-admin” blocks access to the original default /wp-admin path. “Hide the New Admin Path” blocks access to whatever custom admin path you configured in WP Ghost. They control different URLs. You can have one enabled without the other depending on your security needs.

Is it less secure to switch off “Hide the New Admin Path”?

Slightly, but in practice the difference is minimal. With this option off, someone who discovers your custom admin path gets redirected to the login page. They still need valid credentials to get in, and your login page is protected by brute force protection and 2FA. The main security benefit of hiding the admin path is preventing bots from even confirming the login form exists.

Can I customize the redirect for hidden paths?

Yes. Go to WP Ghost > Tweaks > Redirects and set the Redirect Hidden Paths option to 404 error, 403 error, or a custom page. This controls what happens when anyone accesses any hidden path, including the admin path when “Hide the New Admin Path” is active.

Does WP Ghost modify WordPress core files?

No. WP Ghost uses rewrite rules and WordPress filters to change and hide admin paths. No core files are modified. Deactivating WP Ghost restores the default /wp-admin path instantly.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.