WordPress is the most popular blogging software in the world. Thanks to its popularity, the number of themes, plug-ins and functionalities and development work is constantly growing. In addition, control panel tools like cPanel have made WordPress installation possible with just a single click. But with the popularity, comes the cost. The platform has become one of the biggest targets for hack attacks.
When you make a tool very simple for regular folks, they never take the precautions a typical developer would take. For example, having a custom login URL or having a different username instead of the default ‘admin’.
The problem of having default values is that it makes the job of a hack a lot easier. Yourdomain.com/wp-admin is the default location of your login page and almost everyone keeps the same value. It is like keeping your bank vault’s main door visible. No matter how strong the door is, keeping it visible is never a good idea. Because someone may sit there and watch to see what credentials you enter.
In the same fashion, if your site has any value, it is always best to disable the default WordPress admin login URL and create a custom URL. This way, anyone trying to access your site has no idea where the login is located.
How can you do it?
There are several ways by which you can change the location of the admin login. One of the easiest ways is to use a plug-in. Before you use one, check out the reviews and also install a scanner to ensure none of your plug-ins are leaking any information or applying a backlink to the developer site.
Set up an SEO friendly URL for your site through settings. Take a full backup of your site and the databases and then install the custom URL plug-in.