How to rename wp-login.php
Protect your WordPress from brute-force attacks with Custom login page
WP Cerber lets you easily and safely change the default login page wp-login.php to whatever you want. In other words, you can set up your own custom login URL and hide wp-login.php from automated attacks. You don’t need to edit .htaccess file manually or rename your actual wp-login.php file. With WP Cerber you can do it in several clicks. It is safe.
- Go to the WP Cerber Main Settings admin page.
- Enter your new desired login URL into the Custom login URL field
- Check Block direct access to wp-login.php and return HTTP 404 Not Found Error
- Click Save settings. The plugin will send a new URL to the admin email.
- Bookmark your new Custom login URL. If you forget it, you will be unable to login.
- If you use a caching plugin like W3 Total Cache or WP Super Cache you have to add the slug of the new Custom login URL to the list of pages not to cache.
- For WP multisite mode login URL will be changed for all sites globally.
- Never rename wp-login.php file directly. After updating your WordPress to a new version, wp-login.php will be accessible for intruders again.
See also: How to hide wp-admin and wp-login.php from possible attacks
Last posts from WordPress security blog
- Antispam protection for WordPress contact forms 10/22/2017
- Solving problem with incorrect IP address detection 10/17/2017
- WP Cerber 5.2 10/01/2017
- WP Cerber 5.1 09/11/2017
- WP Cerber 5.0 08/13/2017