How to make wp-login.php and wp-admin not accessible
-
Hello guys I wanted to limit my LOGIN and WP-ADMIN without using plugins. I have a network (multi-site):
I have done so:
wp-config.php
define('WP_ADMIN_DIR', 'controlpanel'); define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . WP_ADMIN_DIR);
.haccess
RewriteRule ^controlpanel/(.*) wp-admin/$1?%{QUERY_STRING} [L] // Internal Rewrite from access to wp-login RewriteRule ^access(.*)$ wp-login.php$1 [NC,L] // Real redirection from wp-login to access appending the query string RewriteCond %{REQUEST_URI} ^wp-login.* RewriteRule ^ access$ [R=301,NC,QSA,L]
function.php
add_filter('admin_url', 'new_admin_url'); function new_admin_url() { // Insert the new URL here: return get_bloginfo('url').'/controlpanel/'; } add_filter( 'login_url', 'new_login_url', 10, 2 ); function new_login_url( $login_url, $redirect ) { return get_bloginfo('url').'/404/'; } function redirect_wp_admin(){ $redirect_to = $_SERVER['REQUEST_URI']; if(count($_REQUEST)> 0 && array_key_exists('redirect_to', $_REQUEST)){ $redirect_to = $_REQUEST['redirect_to']; $check_wp_admin = stristr($redirect_to, 'wp-admin'); if($check_wp_admin){ wp_safe_redirect( '404.php' ); } } }
But it does not seem to work well. How can I fix!?
- The topic ‘How to make wp-login.php and wp-admin not accessible’ is closed to new replies.