Difference between revisions of "Renaming the WP-Admin Area"
Line 5: | Line 5: | ||
With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin<br> | With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin<br> | ||
You can rename the WP-Admin URL to anything of your choice.<br><br> | You can rename the WP-Admin URL to anything of your choice.<br><br> | ||
− | |||
=== Adding entry in .htaccess === | === Adding entry in .htaccess === | ||
Line 11: | Line 10: | ||
The following .htaccess needs to be added as per your blog type. <br> | The following .htaccess needs to be added as per your blog type. <br> | ||
If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.<br> | If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.<br> | ||
− | '''NOTE''' : For this guide we will assume that the new | + | '''NOTE''' : For this guide we will assume that the new admin slug you want to set for wp-admin is '''site-admin''' |
==== WordPress Blog (not multisite) ==== | ==== WordPress Blog (not multisite) ==== |
Revision as of 13:52, 8 December 2016
Contents
Overview
This guide will help you rename the WP-Admin URL of your WordPress blog.
There are many programmed bots and attacking software which assume the wp-admin URL to be http://yoursite.com/blog/wp-admin.
With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin
You can rename the WP-Admin URL to anything of your choice.
Adding entry in .htaccess
The following .htaccess needs to be added as per your blog type.
If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.
NOTE : For this guide we will assume that the new admin slug you want to set for wp-admin is site-admin
WordPress Blog (not multisite)
Your .htaccess before making changes will look something like this :
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase RELATIVE_URL/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . RELATIVE_URL/index.php [L] </IfModule> # END WordPress
You should now change it to :
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase RELATIVE_URL/ RewriteRule ^index\.php$ - [L] RewriteRule ^site-admin(.*) wp-admin$1 [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . RELATIVE_URL/index.php [L] </IfModule> # END WordPress
WordPress Multisite Blog
Your .htaccess before making changes will look something like this :
RewriteEngine On RewriteBase RELATIVE_URL/ RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L]
You should now change it to :
RewriteEngine On RewriteBase RELATIVE_URL/ RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(site-admin)(.*) $1wp-admin$3 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L]
Renaming the WP-Admin Area
To rename the WP-Admin Area, please go to WordPress Admin Panel -> Loginizer Security -> Security Settings.
There you will find the Rename WP-Admin Access Setting section.
Enter a new wp-admin slug in this section.
Note : You must have .htaccess setup by now.
The following is a screenshot of the settings page

You must now access the new admin slug from the URL to see if your wp-admin area is working with the new URL.
Disable wp-admin access
Once you have setup and tested the new wp-admin area (site-admin in our example) you can consider to disable wp-admin access.
The advantage is that, attacking bots will not know the new URL.
To do so, enable the Disable wp-admin access setting as well.
Once enabled wp-admin will no longer work with the old slug. It will work only with the new slug (site-admin in our example)