• Skip to main content
  • Skip to footer

  • Home
  • About
  • Services
  • Portfolio
  • Testimonials
  • Blog
  • Contact

WPS Hide Login for Added WordPress Security

By Nathaniel Richman

A while back I wrote about 7 Awesome WordPress Plugins. Most of those still rank amongst my favourites. Today, I’m going to talk about one not mentioned in that post, which could easily be added to make it an even eight.

WPS Hide Login, programmed by WPServeur, is “a very light plugin that lets you easily and safely change the URL of the login form page to anything you want.”

Why would you want to change that URL? In one word: Security.

Keeping it safe

If you’re familiar with using WordPress, you’ll know that, to log in to the admin area, you normally go to a web address like yourdomain.com/wp-admin or yourdomain.com/wp-login.php. That’s the default login page for all WordPress sites. It’s a pretty easy URL for you to remember. Unfortunately, it’s also easy for hackers to find.

Brute force attacks

A common method for hackers to get into the admin area of your WordPress site is by a process known as “brute force attacks.” Essentially, they run a program to generate a huge number of possible usernames and passwords until finding the set that matches to allow them entry to your site. Of course this would be a daunting task if doing it manually, but with the speed that computers can sequentially generate character combinations, it’s doable.

Sure we can make our password long and complicated. That definitely helps to thwart the hacker’s process. It’s also highly recommended to use something other than “admin” as your username. That’s the first thing a hacker would guess as your ID. Using both of these techniques will make it more difficult to break in to your site.

However, if the hacker doesn’t even know what URL to begin a brute force attack from, life will be infinitely more difficult for them and they will likely give up the attempt.

You pick your login URL

So, instead of using the aforementioned default login URL, you can make up any page name you want. The domain (e.g., yourdomain.com) will remain the same, but you can choose anything you want to go after the slash (and before the “.php”). I wouldn’t recommend something too simple and easy to guess, e.g., loginpage.php. Throw in a number and/or a hyphen to mix things up a bit. e.g., johnnys-entry-point-99.php.  Use your imagination. It doesn’t have to make sense. In fact, even better if you can use a completely random group of numbers and letters, e.g., u7s9we23ih29-gh33.php. You probably wouldn’t remember that, but of course you can bookmark it (and/or save it in a secure place).

After you install and configure this excellent plugin on your WordPress site, you should notice very few, if any, malicious login attempts. It’s no wonder more than 600,000 people have downloaded the plugin and why it has received a 5-star rating.

Be safe!

Share with your friends... Share on FacebookShare on TwitterShare on LinkedinShare on Pinterest

Filed Under: WordPress Tagged With: brute force attacks, security, WordPress, WordPress security, WPS Hide Login

Related Posts

  • HTTPS: Why You Should Secure Your WebsiteHTTPS: Why You Should Secure Your Website
  • 7 Awesome WordPress Plugins7 Awesome WordPress Plugins
  • Every WordPress Website Should Have This PluginEvery WordPress Website Should Have This Plugin

About Nathaniel Richman

Nathaniel founded nrichmedia in 2000. Nathaniel graduated from the Vancouver Film School with a Certificate of Recommendation in Multimedia Studies in 1997 and has been working in the web design and new media industry ever since. In a previous life, he received a Bachelor of Mathematics degree (Honours Actuarial Science) from the University of Waterloo and worked in the pension consulting field. Aside from honing his problem-solving and programming skills, working in the consulting industry provided Nathaniel with valuable experience in how to build strong and lasting client relationships — an area in which he excelled. Nathaniel lives in Victoria, BC and is the lead designer, sometimes programmer, and overseer of all things good at nrichmedia.

Footer

Quote

Find out how we can make your website amazing

get your quote now!

Newsletter

12 Essential Steps for Setting Up Your Website

Join more than 500 newsletter subscribers and receive this FREE guide to getting the online results you're looking for!

nrichmedia guarantees that we will never share your email address with anyone. Ever.

All content copyright © 2021 nrichmedia, Victoria, BC Twitter Instagram Facebook