WordPress.org

Ready to get started?Download WordPress

Forums

[closed] wp-login.php change to your custom url (10 posts)

  1. Drbappaditya Mishra
    Member
    Posted 2 years ago #

    hi guys, I have four website running all on wordpress 3.3.1

    but I felt wp-login.php should change to your custom url as everybody knows that wp-login.php is default log in url and many spam bots can break your security.

    I search all over Internet nothing found (except log in lockdown plug in which block ip address after 3 failed attempt you can change the time and attempts no).

    how ever a simple step i just create (very very simple)

    go to your cpanel and find wp-login.php rename with your desired name

    say http://www.domain.com/wp-login.php should change to http://www.domain.com/googli.php

    then you should rename it (wp-login.php to googli.php)

    and then refresh the page and click edit button over googli.php

    copy all content and paste it in notepad
    then click Ctrl+h replace option open .

    find "wp-login"and replace with "googli" replace all
    and then copy it and paste it in your edit page of googli.php

    you have done .

    enjoy.....no longer anyone with known your log in url cannot access you log in page .

    i advice to all to use log in lock down plug in it is very light weight but definitely good security for your website

    if any body have problem with this method kindly mail me

    [email address removed]

  2. esmi
    Forum Moderator
    Posted 2 years ago #

    You should never, ever, edit WordPress core code.

  3. We call that Security through Obscurity and it doesn't work.

    Watch. Go to yourdomain.com/wp-admin as a NON logged in user. Where does it send you?

  4. Drbappaditya Mishra
    Member
    Posted 2 years ago #

    Thanks once again to @esmi and @Ipstenu for your quick reply.

    please then suggest me the solution for above mentioned problem.

    Once again I remind you that I have no intention to change the core.

  5. Drbappaditya Mishra
    Member
    Posted 2 years ago #

    @ipstenu it sends me to error 404 page not found

  6. Drbappaditya Mishra
    Member
    Posted 2 years ago #

    @esmi and @Ipstenu please delete this post as it may be bad that i have share a view about core hacking

    please delete this post

  7. comediann
    Member
    Posted 2 years ago #

    no leave it as a bad example! shame on you!

    :)

  8. We'll leave it up so people can see why it's a bad idea. Don't worry, this is how everyone learns.

  9. stevepett
    Member
    Posted 1 year ago #

    But what is the solution?
    I get zillions of visits to wp-login.php and cron.php - I assume they are up to no good????

  10. rwilki
    Member
    Posted 1 year ago #

    good point Steve. changing the admin user name and wp tables is a must but it does not prevent malicious login attempts.

Topic Closed

This topic has been closed to new replies.

About this Topic