Support » How-To and Troubleshooting » How to redirect WordPress from subdomain to root [while still in secret dir.]?

How to redirect WordPress from subdomain to root [while still in secret dir.]?

  • Hallo,
    I need help with a problem that I am unable to resolve on my own, despite all my efforts.

    The problem is that I want to protect myself against various ‘script-kiddie’ types of attacks, partially by giving WordPress its own [hidden] directory, more at:


    Now, I want to do this, but I want not to just have wordpress in example.com/secretdir but in secretdomain.example.com/secretdir and I want its domain/url to be [appear to be] at example.com

    So, for example – lets think that my WP install is at


    Now, I want my url to *appear* to be amazing.com

    So, I want that sort of thing that is described at


    but to be it like 2-level, so not only to have secret subfolder where wp is installed, but to have secret subdomain AND secret subfolder WITHIN that subdomain and I still want my wp address to look like my wp is installed in root.

    I am assuming, I have to do the following from here


    “… Open your root directory’s index.php file in a text editor
    Change the following and save the file.
    Change the line that says:
    to the following, using your directory name for the WordPress core files:

    Now, I am not sure what to put here:


    – because my wp is not just a directory away, but the whole subdomain AND the directory.

    Structure of my FTP:

    There are 2 important directories ‘web’ and ‘sub’

    Now, ‘web’ is the root directory – stuff in there will appear under example.com

    Than, ‘sub’ is the directory where I can create subdomains, so for example – when I create a directory called ‘blog’ under /sub its address will be blog.example.com

    Now, what is my route if my WP install is at /sub/blog/wpsecret [but publicly it is blog.example.com/wpsecret and I want to have it appear at example.com BUT LEAVE MY WP INSTALL AT blog.example.com/wpsecret …?

    Thanks in advance for any bit of advice,

Viewing 8 replies - 1 through 8 (of 8 total)
  • Giving WP its own directories doesn’t hide anything.

    All of your images, themes, etc are stored in that other directory, with plain URLs. They are completely visible to anyone. The point of leaving WP in the subdirectory is not to hide anything, it is to keep from having a bunch of files in your root directory. Keeping things organized.

    What you are trying to do is completely unnecessary really. WP is already secure enough to handle these various ‘script kiddies’ you worry about, without you having to try to accomplish the impossible.

    But to answer your question, I do not see how what you want to do is possible.

    Yes, I know that it will not hide anything from people, because you can for example view the source from your browser which will expose everything.

    – but I think it will provide at least a partial protection from automated/google-powered attacks that counts on the fact, that you have root/wp-login.php etc. and also from the casual visitor trying things out etc.

    I know this is not ultimate protection at all [and such protection can’t be achieved anyway], but with some other things that I am implementing right now, it could made attacker’s life [etc.] just a little-bit harder and if so, I am willing to implement this, but yes – I know WP is fairly secure.

    By the way, if you know what/how I am trying to do, could you give me a hint please, I would be glad for this and I am willing to pay, if you’ll provide complete .htaccess or so, because I would really like to implement this, but without breaking my install.



    You could TRY "require('./blog/wordpress/wp-blog-header.php');" but the problem is that you didn’t put your install in domain.com/blog/wordpress … it might still work. Ditto the htaccess would need the extra folder name in there.

    Thanks, but –
    “he problem is that you didn’t put your install in domain.com/blog/wordpress ”

    That’s exactly why I am asking for advice here.
    I did however stated how my ftp/host-folders are structured, so if anyone could help with my structure, I’ll be VERY glad.


    What about if I will provide full (absolute) url, like:


    Will it work? or must it be something like:



    You can’t put http:// calls in require, last I checked :/ You may be able to try this:


    What happened when you use /blog/wordpress by itself?

    So, I simply provided an absolute url and it works.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘How to redirect WordPress from subdomain to root [while still in secret dir.]?’ is closed to new replies.
Skip to toolbar