WordPress Security
Posted By Gregory

How to hide wp-admin and wp-login.php from attacks

Hiding wp-admin is an easy​ ​​yet effective way of reducing the number of attacks from dumb bots and hackers. It's a great tool for reducing the attack surface.


With WP Cerber Security you can do that with several clicks.

  1. Open WP Cerber main settings page.
  2. Turn on Disable automatic redirection to the login page when /wp-admin/ is requested by an unauthorized request
  3. Enter your desired custom login URL into the Custom login URL field
  4. Turn on Block direct access to wp-login.php and return HTTP 404 Not Found Error
  5. Save settings
Hide wp-admin wp-login.php WordPress

Settings to hide wp-admin and wp-login.php

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.

Spotted a bug or glitch?

We’d love to fix it! Share your bug discoveries with us here: Bug Report.


I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.