Creating a custom login URL in WordPress website can be a good way to add an extra layer of security to your site. It makes it harder for hackers to guess your login page and launch attacks. Here’s a simple guide to help you create your custom login URL.
WordPress by default has the /wp-login.php or /wp-admin login URL suffix. That means when you have to login or sign up for any WordPress website you can add the /wp-login.php suffix at the end of the website and it will redirect you to the login/register page of the website. There are other ways of login like adding social login to WordPress but in this tutorial we’ll be discussing to customize the deafult WordPress login URL.
Before entering into the tutorial, let us discuss why we should add a custom login URL in WordPress.
Table of Contents
Why add a custom login URL in WordPress?
Adding a custom login URL has many benefits. If you wish to stay to the default login URL of WordPress then anyone on the internet can open your website’s login/register page. Now, you may wonder why is that bad? Letting anyone on the internet access your login/register page is bad if you do not have top-notch security.
Demerits of having WordPress default login URL.
- Anyone on the internet can find your login/regsiter page
- You may get spam users which may affect your website’s performance
- You may be victim of bruteforce attacks
- You will be making one step easier for hackers to hack your site.
Benefits of adding a custom login URL in WordPress.
You will get many benefits after you add a custom login URL to your WordPress website. Some of them are discussed below.
- It will be hard for anyone on the internet to find your website’s login/register page
- You can say goodbye to spammy users
- You will be safe from bruteforce attacks
- You will be adding an extra layer of security to your website.
How do I create a custom login URL in WordPress?
In this post I will teach you to add a custom login URL to your WordPress website in two ways, the first being the Plugin method and the second being the custom code method.
Let us start with the plugin method.
1. Plugin method to add custom login URL in WordPress
In this method, we will be using a plugin called Hide My WP Ghost. It is an awesome security plugin for WordPress websites that lets you create your custom login URL along with many other safety and security options.
I suggest you to install this plugin because it has everything you need to secure your website from hackers and malware.
This plugin has both a paid and free version. If you want some basic security features then I suggest you go with the free version otherwise you can get the premium version for extra security.
- From your WordPress dashboard go to Plugins >> Add new >> and search for Hide My WP Ghost in the plugin search bar.
- After that click on Install >> Activate.
- After activating the plugin go to Hide My WP Ghost >> Change Paths.
- After clicking on “Change Paths” a message will appear that says “Activate free token” you can activate it by providing your e-mail else you can skip the activation.
- After the activation you will see an option called “Levels of security”; from the options choose the “Lite mode”.
- Now in the “Change Paths” section you will see an option called “Login Settings” under which there will be another option called “Custom login path” here’s where all the magic happens.
- By default the plugin sets the custom login URL as /newlogin you can edit that and put anything like earth, toothpaste or anything you want.
- Now click on “save“.
- After clicking on “Save“, the plugin will ask you to test the Front end login. Which means you need to test if the custom login URL is working or not.
- Go to Incognito/private mode on your browser and try to login with your new url (Example: https:wptracer.com/newlogin)
- If the login URL works fine, come back to your previous page click “Yes its working”.
You have now successfully created a custom login URL for your WordPress website.
Custom login URL doesn’t work in WordPress
What if you create a custom login URL/path and the new login URL doesn’t work?
In rare cases, there might be chances that your new login URL may not work and you may be locked out from your WordPress dashboard. So, you need to do this process carefully. Below are some solutions if you get locked out.
- The plugin will give you a special URL in case you are logged out. So, you should keep the special URL safely
- After you create custom URL from the plugin do not close your WordPress dashboard or log out until you test it in external browser or incognito/private mode
- In case all the methods do not work remove the plugin file from your hosting or contact your hosting provider. You can also read our tutorial on deactivating plugin from Hosting Panel.
2. Custom Login URL in WordPress without using Plugin
If you are geekier and do not want to use a plugin to create a custom login URL in your WordPress website then this method is best for you.
In this method, we won’t be using any plugin to change the login URL instead we will be creating a new PHP file that will help us create a custom login URL.
So, let’s get started.
A. Create a new file
First of all, you need to create a new file. You can create this on your PC and later upload it to your hosting or create it inside your file manager, the choice is yours.
Name the file as you want it to be the new login URL for your website. For example, if want the new login URL to be https://wptracer.com/new-login then I will name the file as new-login.php.
B. Copy codes from wp-login.php
The next step includes copying all the codes from the wp-login.php file to your brand new file (In this case new-login.php).
You will find the wp-login.php file inside your hosting’s file manager inside the public_html folder.
C. Replace string “wp-login.php”
Inside your new file (In this case new-login.php) find all the strings with “wp-login.php” and replace them with a new file name (In this case new-login.php).
I suggest you create the new file on your personal computer and do all the copying and replacing tasks there as modern code editors have “find and replace” features, so it will be easier for you. And when all the task is finished you can upload the final file to your file manager.
D. Delete the old file
Save the new file (In our case new-login.php) on your hosting after you have replaced the “wp-login.php” string. Else if you have created the file on your computer then you need to upload it to your website’s file manager.
Finally, you need to delete the old file (wp-login.php) file for the new file to work.
That’s it! You’ve successfully created a custom login URL in WordPress. It’s a small change, but it adds a nice layer of security to your website.
Wrapping Up
In this post, we discussed two methods to create a custom login URL in a WordPress website. In the first method, we used a plugin whereas in the second method we used a custom coded PHP file to create a custom login URL in WordPress. If you do not have technical knowledge then I suggest you to use the plugin method whereas if you are the geeky one then you can go with the PHP file method as well.
If you have any questions regarding this topic then feel free to ask me in the comment section.