How to Secure Wordpress Backend Admin Login URL

When it comes to securing WordPress websites from intruders and hackers. You will definitely need to look into securing your WordPress main admin login page.

So, I have decided to show you guys the easiest way to hide your back-end login inside WordPress.

This is a very easy step-by-step guide, won't take you more than 2-minutes to set-up.

This is the most common place where hackers, spambots, and intruders are most likely to linger around.

To be quite honest, guys, securing your /wp-admin login page should be your top priority right after installing your WordPress website.

The main login to your administrator page (back-end) will look something like https://www.yourwebsite.com/wp-admin, now this is public for everyone to see.

This admin login page will look something like this, below;

WordPress admin login page

And your website address bar will look something like this, check the image below;

Now this is available for everyone including the public, spider bots, and hackers to see.

What you will need to do is secure this page with a mirror and change the URL leading to your main admin back-end page on WordPress.

Step 1 - Add a new plugin to your WordPress website

Inside your admin panel, click on "plugins" on the left-hand side and click on "add new".

Step 2 - Install WPS Hide Login

Search for WPS Hide Login and then install WPS Hide Login, highlighted in red boxes below. After installing the plugin, you will need to publish the plugin, very important! 

Step 3 - Open WPS Hide Login Plugin in WordPress

Click on the settings and then on WPS Hide Login to open up the settings of the newly installed plugin. (If you can't see this plugin go back to step 2, you haven't published the plugin).

Step 4 - Enter your new Admin backend login URL for the WordPress admin page.

As shown below in red enter your new website login URL, please save this somewhere, this can be as long as you wish, use numbers and letters to be extra secure. For this example you used "new874jLogin8873671", this will now replace the /wp-admin login page

After you do this, click "SAVE CHANGES" below in a blue button.

Step 5 - Test your new WordPress admin URL!

Now it's time to test the new hidden admin login URL, to do this you will need to enter the new URL you have set inside WPS hide login plugin, "new874jLogin8873671".

As you can see, the new URL is working great! This is the outcome you want to see.

Step 6 - Test your old wp-admin (should not load)

Now test out your old wp-admin URL

Which is https://www.yourwebsite.com/wp-admin/, and you should receive an error 404 page. (the URL will redirect to https://www.yourwebsite.com/404).

This is great news, this will let you know that your new URL admin login redirect is in fact working. And that you have fully masked our "wp-admin/" URL, which was available to the public.

Update: This process can still be used in 2025 and onwards to secure the admin Login to website's front end / back end admin panel.

If there are any new and better plugins, I will update this page, but for almost 5 years this has been the best way to secure any WordPress wp-admin login.

Any issues, or question drop them below and i will do my best to get back to you soon as possible.