One of the ways hackers and bots try to break your WordPress site is by going to /login and hammering away at the login screen. We can fix that by learning to hide the login page on your WordPress site.
“Welcome to OSTips from OSTraining. My name is Rod Martin.
So I’m on a plain, brand new installation of WordPress with no other plugins installed. You’ll note that if I type in /login it takes me to my wp-login.php.
- log in
- click on Plugins
- add new
- search for wps hide login
There are a number of plugins that do this, but this one does it well.
- click install now
- activate the plugin
- click on Settings
- click on WPS Hide Login
Down at the bottom of the screen, we’re going to see the standard url for /login.
- change to ostlogin
- click Save Changes
Now you’ll note my login page is at /ostlogin/. Let’s test that.
- log out
- log in to /ostlogin/
Indeed there is my login panel at /ostlogin/.
NOTE: If I go to the plain /login, it gives me a 404 error. You might want to think about converting this particular error to a 403 forbidden access page, but that’s the subject of another video.
There’s my login page. NOTE: When I type in wp-admin by itself, again it takes me to the 404 error.
So by simply changing the login url to your WordPress site, you’re going to foil a lot of bots and hackers trying to ruin your hard work.
Thanks for watching. This has been OStips from OS Training, and I’m Rod Martin.”