Difference between revisions of "Renaming the WP-Admin Area"
| Line 5: | Line 5: | ||
With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin<br> | With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin<br> | ||
You can rename the WP-Admin URL to anything of your choice.<br><br> | You can rename the WP-Admin URL to anything of your choice.<br><br> | ||
| − | |||
=== Adding entry in .htaccess === | === Adding entry in .htaccess === | ||
| Line 11: | Line 10: | ||
The following .htaccess needs to be added as per your blog type. <br> | The following .htaccess needs to be added as per your blog type. <br> | ||
If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.<br> | If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.<br> | ||
| − | '''NOTE''' : For this guide we will assume that the new | + | '''NOTE''' : For this guide we will assume that the new admin slug you want to set for wp-admin is '''site-admin''' |
==== WordPress Blog (not multisite) ==== | ==== WordPress Blog (not multisite) ==== | ||
Revision as of 13:52, 8 December 2016
Contents
Overview
This guide will help you rename the WP-Admin URL of your WordPress blog.
There are many programmed bots and attacking software which assume the wp-admin URL to be http://yoursite.com/blog/wp-admin.
With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin
You can rename the WP-Admin URL to anything of your choice.
Adding entry in .htaccess
The following .htaccess needs to be added as per your blog type.
If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.
NOTE : For this guide we will assume that the new admin slug you want to set for wp-admin is site-admin
WordPress Blog (not multisite)
Your .htaccess before making changes will look something like this :
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . RELATIVE_URL/index.php [L]
</IfModule>
# END WordPress
You should now change it to :
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
RewriteRule ^site-admin(.*) wp-admin$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . RELATIVE_URL/index.php [L]
</IfModule>
# END WordPress
WordPress Multisite Blog
Your .htaccess before making changes will look something like this :
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
You should now change it to :
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(site-admin)(.*) $1wp-admin$3 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
Renaming the WP-Admin Area
To rename the WP-Admin Area, please go to WordPress Admin Panel -> Loginizer Security -> Security Settings.
There you will find the Rename WP-Admin Access Setting section.
Enter a new wp-admin slug in this section.
Note : You must have .htaccess setup by now.
The following is a screenshot of the settings page
You must now access the new admin slug from the URL to see if your wp-admin area is working with the new URL.
Disable wp-admin access
Once you have setup and tested the new wp-admin area (site-admin in our example) you can consider to disable wp-admin access.
The advantage is that, attacking bots will not know the new URL.
To do so, enable the Disable wp-admin access setting as well.
Once enabled wp-admin will no longer work with the old slug. It will work only with the new slug (site-admin in our example)
