Ubah WordPress admin URL dengan HC Custom WP-Admin URL

These days it’s common for brute force attacks against the WordPress admin dashboard. Partly because WordPress uses /wp-admin and wp-login.php to handle admin logins by default.

Using the HC Custom WP-Admin URL plugin you can very easily hide these default WordPress admin login URLs, and instead create a custom address that only you will know about.

If you think your WordPress site is under attack you can always review WordPress login attempts, and if you see any malicious attempts you can block unwanted users with .htaccess to prevent further access.

***Notice: This Plugin has not been updated since 2013-11-19, and is only compatible up to WordPress 3.7.11

Install and setup HC Custom WP-Admin URL plugin

The HC Custom WP-Admin URL plugin works by simply adding a rule to your WordPress .htaccess file to redirect requests using the custom URL you’ve configured.

Following the steps below you should have the plugin configured to provide extra security for your WordPress site in just a few minutes.

  1. Login to WordPress admin dashboard.
  2. hover over plugins click on add newHover over Plugins, then click on Add New
  3. fill out hc custom wp-admin click search pluginsFill out HC Custom WP-Admin and click Search Plugins
  4. click on install now beside hc custom wp-admin urlClick on Install Now beside HC Custom WP-Admin URL
  5. click ok on confirmation pop upClick OK on the plugin install confirmation pop-up
  6. after plugin installs click activate pluginAfter the plugin installs, click on Activate Plugin
  7. hover over settings click on permalinksHover over Settings and click on Permalinks
  8. fill in wp-admin slug click save changesThe HC Custom WP-Admin URL plugin adds a WP-Admin slug setting to the bottom of your Permalinks page.

    Fill in the URL you’d like to change your WordPress login pages to. I’ve simply used secret and then clicked on Save Changes.

    The WP-Admin URL slug is convered to all lowercase as pointed out in the comment below.

  9. hover over howdy user click log outAt the top-right, hover over Howdy, User and click on Log Out
  10. admin urls updated showing front pageNow if you try to access your WordPress admin dashboard with the default /wp-admin or wp-login.php URLs, you’ll simply see your WordPress front page instead of the dashboard.
  11. access secret admin urlIf we instead use the new WP-ADMIN slug that we setup of secret we are then presented with the normal WordPress admin login form.
  12. wp-admin access allowed after using secret urlAfter you login using the WP-ADMIN slug that you setup, you’ll be presented with your normal WordPress admin dashboard again.

You should now have successfully added an extra level of security to your WordPress site that should help prevent malicious users from gaining access to your website.

Di tulis oleh: