Change WordPress Login URL: WPS Hide Login Tutorial (2025 Guide)

September 28, 2025MD Pabel Team

Why change the WordPress login URL?

By default the WordPress login and admin pages are located at /wp-login.php and /wp-admin. Bots and attackers know these paths, making brute‑force attacks easier. Changing the login URL to a custom slug reduces automated attacks and hides your login page from curious visitors.

Introducing WPS Hide Login

WPS Hide Login is a lightweight plugin that lets you easily and safely change the URL of the login form page to anything you want. It doesn’t touch core files or rewrite rules; it simply intercepts requests and redirects users to your custom login page. Deactivating the plugin restores the default /wp-login.php path.

Step‑by‑Step: Set a custom login URL

  1. Install the plugin: In WordPress admin go to Plugins → Add New and search for “WPS Hide Login.” Click Install Now and then Activate.
  2. Open the settings: Go to Settings → WPS Hide Login (or Settings → General in some versions). You’ll see a field labelled Login url.
  3. Enter a new slug: Type your custom login URL (e.g. mysite-login). The full login address will be https://yourdomain.com/mysite-login. You can also set a redirect URL for blocked requests.
  4. Save changes: Click Save Changes. WordPress will now use the new URL for its login form. Make sure to bookmark it because /wp-login.php will return a “Not Found” error.
  5. Test the new login URL: Open a new browser window and visit your custom slug (e.g. /mysite-login) to confirm that the login page appears. Log in as usual.
  6. Revert if necessary: To revert to the default login path, deactivate the plugin from the Plugins list. Your site will again use /wp-login.php.

WPS Hide Login settings page where you can set a custom login URL

Tips for using a custom login URL

  • Choose a unique slug that’s hard to guess but easy for you to remember.
  • If you use a caching plugin, exclude the custom login URL from caching.
  • Bookmark the new URL or store it in a password manager so you don’t lose access.
  • Consider combining WPS Hide Login with other security measures like two‑factor authentication and IP blocking for layered protection.

Conclusion

Hiding the default WordPress login URL is a quick way to reduce automated attacks. The free WPS Hide Login plugin makes it simple to set a custom login slug without editing core files. Follow the steps above to secure your login page in minutes.

0 Comments

💬

No comments yet. Be the first to share your thoughts!

0/2000

By commenting you agree to our terms.

About the author

About the Author

MD Pabel

MD Pabel

MD Pabel is the Founder and CEO of 3Zero Digital, a leading agency specializing in custom web development, WordPress security, and malware removal. With over 7+ Years years of experience, he has completed more than3200+ projects, served over 2300+ clients, and resolved4500+ cases of malware and hacked websites.

3Zero DigitalLinkedInGitHubLeetCodeHackerRankMediumDev.toX (Twitter)