Protect your dashboard without editing the .htaccess file -- the FIRST one that completely blocks remote bot login requests.
I had over 1,000 attempts at logging into my blog's admin panel. This plugin saved the day. Thanks so much. I have my admin URL being redirected to hamsterdance.com. Funny! ;)
Thanks for this, easy way to customize .htaccess to rename wp-login.php. bot POST attempts been bringing down my ec2 instances the past couple of weeks, this is great. Thank you again.
If you install this plugin, it will look like it works. But instead, check your wordpress site as http://www.example.com/login (Change example here with your domain-do not use wp-login.php)
WordPress login function will automatically redirect you to the 'hidden login page'. As you understood, your hidden url is viewable for anybody...
One of my sites was getting slammed with multiple unauthorized login attempts every minute for hours, even with Bulletproof, Wordfence, and Cloudflare installed and Cloudflare set to "under attack" mode.
I was afraid to try this plugin, because I'd used another one that hides the login page and it glitched and locked me out. I had to do something though, so I installed 'Stealth Login Page,' and have had very few brute force attempts since then. It's super easy to configure and works PERFECTLY.
Thank you for an excellent plugin!!
P.S. I set the redirect URL to a government Internet fraud reporting site. Good times.
Solves my problems
It works great! :)
Many thanks! :)
This plugin is simple and easy to implement.
After much hunting for a plugin-based solution I finally found this. It will easily let you obscure your login page so these attacks won’t have a chance to slow your server down. I suppose the server has a small overhead when dealing with the redirect for requests for the default login URL but that must be much lower than having to serve the login page and bounce incorrect logins (and track IPs of incorrect logins). It allows you to redirect all requests to the default login page while preserving requests that add a short configurable code to the login URL.
This plugin is really simple & effective
Adds a security layer above the normal login/pwd
You must log in to submit a review. You can also log in or register using the form near the top of this page.