A common request for many WordPress users is to change the default login URL in an attempt to avoid any malicious attempts to access your sites back-end. Although changing the URL has little effect in terms of security (ill cover this later) it can still help add a unique a professional touch if your site requires users to login etc.

Getting Started

The first thing you will need to do is to install this excellent plugin, Custom Login URL. This plugin is the main power behind today’s post and provides a neat interface for you to easily change these URLs via your WP admin. Once installed, you must then ensure your using an SEO friendly URL by heading to Settings > Permalinks and choosing anything other than default.

login1Setting Thing Up

Whilst in Settings > Permalinks, you will now see several new areas available to you where you can specify the urls you wish to use. Just enter your desired slugs and your all set.

login2

You will also see a new option to enter a URL to send logged in users to, so if you have a special landing page or welcome screen you can set this up here also.

Taking Things Further

Perhaps now you have setup your own custom URLs, you may want to further customize your users experiencing by re-styling the plain old WP login area with your own design and flair? If that is the case, then this plugin is a must – Custom Login Plugin (these plugin names are inspired arnt they?).

Unlike many other plugins for customizing the login area, Custom Login Plugin doesn’t rely heavily in you having CSS and HTML knowledge, instead a fully featured admin panel is present which does all the heavy lifting for you so once installed, just head to Settings > Admin Custom Login to get started styling your login/register area to your tastes.

Keeping Things Secure

So far in this post, we have moved your login to a neat, personal URL, and we have made it pretty with the cunning use of some excellent plugins, but what about the part that actually matters – securing your WordPress login from hackers?

The very first recommendation is this awesome (albeit old) plugin – Limit Login Attempts. It may be a little long in the tooth now, and hasn’t seen an update in years, but it just works, and works well. As the name suggests, the plugin will simply block any users from accessing your login area after a few failed attempts, which is a massive help when protecting yourself from brute force attacks.

If you want to go even further, then Login Security Solution is a nice alternative which also offers the ability to lock out users based on IP etc. For more tips on securing your WordPress installation please see our posts, Securing WordPress and WordPress Backups/Restore.