Renaming the WP-Admin Area

From Loginizer Documentation
Revision as of 13:52, 8 December 2016 by Loginizer-admin (talk | contribs)

Jump to: navigation, search

Overview

This guide will help you rename the WP-Admin URL of your WordPress blog.
There are many programmed bots and attacking software which assume the wp-admin URL to be http://yoursite.com/blog/wp-admin.
With Loginizer Security Pro its now possible to rename wp-admin to something different e.g. site-admin
You can rename the WP-Admin URL to anything of your choice.

Adding entry in .htaccess

The following .htaccess needs to be added as per your blog type.
If your blog is a WordPress Multi Site blog, please follow the multisite .htaccess guide.
NOTE : For this guide we will assume that the new admin slug you want to set for wp-admin is site-admin

WordPress Blog (not multisite)

Your .htaccess before making changes will look something like this :

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . RELATIVE_URL/index.php [L]
</IfModule>
# END WordPress

You should now change it to :

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]
RewriteRule ^site-admin(.*) wp-admin$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . RELATIVE_URL/index.php [L]
</IfModule>
# END WordPress

WordPress Multisite Blog

Your .htaccess before making changes will look something like this :

RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

You should now change it to :

RewriteEngine On
RewriteBase RELATIVE_URL/
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(site-admin)(.*) $1wp-admin$3 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]


Renaming the WP-Admin Area

To rename the WP-Admin Area, please go to WordPress Admin Panel -> Loginizer Security -> Security Settings.
There you will find the Rename WP-Admin Access Setting section.
Enter a new wp-admin slug in this section.

Note : You must have .htaccess setup by now.

The following is a screenshot of the settings page

Rename wp-admin.png

You must now access the new admin slug from the URL to see if your wp-admin area is working with the new URL.

Disable wp-admin access

Once you have setup and tested the new wp-admin area (site-admin in our example) you can consider to disable wp-admin access.
The advantage is that, attacking bots will not know the new URL.
To do so, enable the Disable wp-admin access setting as well.
Once enabled wp-admin will no longer work with the old slug. It will work only with the new slug (site-admin in our example)