Plus securing your login pages
So, you’ve done it—you’ve decided to set up a blog with WordPress, or maybe you’ve determined that WordPress is the ideal content management system (CMS) for your site. If you’ve made it through the installation process, you’re doing great!
After all, WordPress powers around 35% of the web as overwhelmingly the most popular CMS, dwarfing competitors like Drupal and Joomla.
The WordPress installation process comes in a number of different flavors. Many hosting providers offer automated WordPress installation as part of their in-panel features. This will allow you to create a fresh WordPress installation with the click of a button.
Alternatively, you may end up installing WordPress manually. This involves downloading an archive of its source code and using an FTP client to upload the contained files onto your web server.
Whichever way you’ve chosen to install your WordPress, you’ll need to set up a default admin username and password along the way. After doing so, that’s where you may find yourself in a bit of a pickle. Some hosting providers will redirect you straight to your WordPress admin login, but others won’t.
Either way, you need to know how to get to your admin login in future cases. Let’s talk about how you can do just that.
If You’re Already Logged In: Use The Admin Bar
Much of the time, you’ll already be logged into your WordPress admin account after you set up your new WordPress blog. This means that you don’t need to find your WordPress admin login page, you just need to find how to access the admin backend as a whole. However, the two are synonymous in WordPress as both are accessible from the same page.
The simplest way to access the admin side of your WordPress site is by navigating to your site’s URL via your browser. At the top of the page, if you’re logged in, you’ll see a gray bar—the admin bar.
To get to your admin backend, all you have to do is click on your website’s name in this bar, which can be located directly to the right of the WordPress logo. In this example, that’d be “Online Tech Tips”.
Since you’re only able to see the admin bar if you’re already logged in, you’ll be taken immediately to your admin dashboard. This is where you can make all of the administrative changes to your WordPress site.
If You’re Not Logged In: By URL
If you’re not logged in, finding your admin backend can be a bit trickier. Some WordPress themes include a link to log in in the footer, but not all of them include this. However, we can access the admin backend in a bit of a hacky way by checking the default URLs.
Either of these pages will do the trick. If you’re an admin, the simple WordPress login page will know to redirect you to your admin dashboard.
Knowing WordPress’s default URL to your WordPress admin login is just as bad as it is good. It means that malicious users who may want to hack or brute force their way into your WordPress backend have the upper hand, too.
Securing Your Login Pages
It’s a security risk to use the default WordPress login URLs—or even worse, the default WordPress login credentials of username “admin”. Doing so offers a point of entry to hackers who will try their best to sabotage your WordPress site.
However, you can’t just rename the “wp-admin” directory and “wp-login.php” file. Doing so would break your WordPress installation entirely.
Currently, the best way to pull this off is with the WPS Hide Login plugin. Please be aware that this is a third-party plugin and is not officially maintained by WordPress. However, it has over 500,000 active installations and installing it is very simple.
You can either download the plugin as an archive directly from the WordPress Plugins site, or you go to the Add New page in your admin dashboard, which is found under the Plugin menu.
Should you choose the latter method, which we recommend due to it being much easier, you’ll need to run a search for the plugin by name.
Once you’ve found it, click the Install Now button. When finished, that button will change to Activate, which you should also click. This will take you to your Plugins page, where you’ll need to scroll down and click the Settings link beneath the WPS Hide Login row.
Here, you can change the default WordPress login URL, which will apply to both the login page and admin directory. WPS Hide Login even lets you redirect users to a custom page if they try accessing this URL, which can help you do things such as log their IP address if necessary.
Additionally, you may even want to look into password-protecting WordPress pages.
Finding your WordPress admin login and dashboard can be confusing as a new user, but once you’ve figured it out, it’s extremely easy to remember.
Do you know any alternative ways to find the WordPress admin login? Drop a comment below and let us know!