The default WordPress admin URL is wp-admin, shared across every WordPress site, which makes it a target for brute force attacks. Changing your login URL path is one of the most effective steps you can take to secure your WordPress dashboard.
It is straightforward to change the WordPress admin URL to something more secure with the Nexter Extension plugin.
Best Used For:
- Replacing the default wp-admin login path with a unique, hard-to-guess URL
- Protecting your login page from automated brute force and credential-stuffing attacks
- Controlling what happens when someone tries to access the old login URL
Learn via Video Tutorial
To replace your WordPress admin URL, follow the steps.
Go to Nexter > Extensions > Security
Then go to the Custom Login URL section, enable the toggle, and click the gear icon (⚙).
A popup will appear. In the Change WP Admin Login Path field, add your custom login URL.
For instance, you can add something like “secure-login” and if you click the Save button, your WordPress admin URL will change from https://yoursite.com/wp-admin to https://yoursite.com/secure-login.
Do not click Save yet.
From the Login URL Behaviour dropdown, choose the behavior if someone tries to access your old login URL.
The dropdown has three options:
- Message (default) – With this option, you can add a custom message that will appear when a user tries to access your old admin URL.
- Home Page – With this option, you can redirect the user to the home page of your website.
- 404 Page Template – You can redirect the user to a 404 error page with this option.
Once you choose the appropriate option, click the Save button and your WordPress wp-admin URL has been changed.
From now on, use the new login URL to log in to your WordPress dashboard.
For additional login security, see How to Limit Failed Login Attempts in WordPress to block repeated failed login attempts.
Redirecting WP Admin URL to Home Page
If you want to redirect visitors to the home page when they try to access your old WordPress login URL, you can do that with Nexter Extension.
To do this, in the Custom Login URL popup after you have set your custom login URL in the Change WP Admin Login Path field, choose the Home Page option from the Login URL Behaviour dropdown.
Then click the Save button.
This will redirect anyone who tries to reach your WordPress site through the default wp-admin path to the home page instead.
Redirect WP Admin URL to 404 Page
If you want to send unwanted visitors to a 404 error page, Nexter Extension has this option.
To do this, in the Custom Login URL popup after you have set your custom login URL in the Change WP Admin Login Path field, choose the 404 Page Template option from the Login URL Behaviour dropdown.
Then click the Save button.
Now if you try to access the default wp-admin path instead of the new login path, it will redirect you to a 404 Page Not Found error page.
To customize the appearance of that 404 page, see How to Create a 404 Page Template in WordPress for Free.
