Change WordPress Login URL: WPS Hide Login Tutorial (2025 Guide)

Published on 9/28/2025
MD Pabel
Read with ChatGPT

Why change the WordPress login URL?

By default the WordPress login and admin pages are located at /wp-login.php and /wp-admin. Bots and attackers know these paths, making brute‑force attacks easier. Changing the login URL to a custom slug reduces automated attacks and hides your login page from curious visitors.

Introducing WPS Hide Login

WPS Hide Login is a lightweight plugin that lets you easily and safely change the URL of the login form page to anything you want. It doesn’t touch core files or rewrite rules; it simply intercepts requests and redirects users to your custom login page. Deactivating the plugin restores the default /wp-login.php path.

Step‑by‑Step: Set a custom login URL

  1. Install the plugin: In WordPress admin go to Plugins → Add New and search for “WPS Hide Login.” Click Install Now and then Activate.
  2. Open the settings: Go to Settings → WPS Hide Login (or Settings → General in some versions). You’ll see a field labelled Login url.
  3. Enter a new slug: Type your custom login URL (e.g. mysite-login). The full login address will be https://yourdomain.com/mysite-login. You can also set a redirect URL for blocked requests.
  4. Save changes: Click Save Changes. WordPress will now use the new URL for its login form. Make sure to bookmark it because /wp-login.php will return a “Not Found” error.
  5. Test the new login URL: Open a new browser window and visit your custom slug (e.g. /mysite-login) to confirm that the login page appears. Log in as usual.
  6. Revert if necessary: To revert to the default login path, deactivate the plugin from the Plugins list. Your site will again use /wp-login.php.

WPS Hide Login settings page where you can set a custom login URL

Tips for using a custom login URL

  • Choose a unique slug that’s hard to guess but easy for you to remember.
  • If you use a caching plugin, exclude the custom login URL from caching.
  • Bookmark the new URL or store it in a password manager so you don’t lose access.
  • Consider combining WPS Hide Login with other security measures like two‑factor authentication and IP blocking for layered protection.

Conclusion

Hiding the default WordPress login URL is a quick way to reduce automated attacks. The free WPS Hide Login plugin makes it simple to set a custom login slug without editing core files. Follow the steps above to secure your login page in minutes.

Explore Our Security Services

WordPress Malware Removal

Professional WordPress malware removal to clean, secure & restore your hacked site fast — trusted by 2300+ clients.

Custom Website Development

Build a custom, responsive & SEO-optimized website or web app with modern tech — tailored to your business goals.

Fix WordPress Errors

Diagnose and fix WordPress site issues — fatal errors, performance problems, broken layouts, plugin conflicts and more.

About the Author

MD Pabel

MD Pabel

MD Pabel is the Founder and CEO of 3Zero Digital, a leading agency specializing in custom web development, WordPress security, and malware removal. With over 7+ Years years of experience, he has completed more than3200+ projects, served over 2300+ clients, and resolved4500+ cases of malware and hacked websites.

3Zero DigitalLinkedInGitHubLeetCodeHackerRankMediumDev.toX (Twitter)