WordPress.org

Ready to get started?Download WordPress

Forums

Changing wp-login.php filename and wp-admin directory (4 posts)

  1. presto
    Member
    Posted 7 years ago #

    Greetings:

    I have upgraded to WordPress 2.1 and it appears to be working fine.

    I am considering changing the name of the 'wp-login.php' file and the 'wp-admin' directory. The reason why I am considering this is that looking at my server logs, IP addresses seperate and apart from the IP address (and it is also not search enging spiders/bots) handed out from my ISP (I log this) are accessing the wp-login.php page. Therefore, I want to be cautious and take precautions to prevent possible hacking.

    Because my IP address handed out from my ISP are not dedicated, it is hard to write a rule in .htaccess blocking out all IP addresses except mine from accessing wp-login.php and the wp-admin directory.

    Knowing that every install of WordPress has both the wp-login.php filename and wp-admin directory and knowing that hackers do download the software and 'reverse engineer' the code to look for weaknesses and flaws, what type of code modifications would need to be done to the file "wp-login.php" and wp-admin directory to tell the code the new filename of 'wp-login.php' and new directory name for wp-admin?

    Thanks for your help and support in advance.

  2. experts8
    Member
    Posted 7 years ago #

    I'd use secure-admin plugin to force https for wp-login.php and /wp-admin/.
    choose strong password for admin (or even client certificate)

  3. HarisTV
    Member
    Posted 7 years ago #

  4. kentfallman
    Member
    Posted 6 years ago #

    Change all places where wp-login.php is to ex. myfrigginloginpage.php.

    do it in following files..

    wp-login.php
    wp-admin/admin-header.php
    wp-includes/general-template.php
    wp-includes/pluggable.php

    voila! your ready to rock..

Topic Closed

This topic has been closed to new replies.

About this Topic