Notifications
Clear all
Wordpress Website
1
Posts
1
Users
0
Reactions
324
Views
Topic starter
15/06/2023 2:33 pm
There are many methods, but I will mention few as below:
First Method (Redirect using site cookie, function and htaccess):
- Add below constants to wp-config.php file:
define('WP_ADMIN_DIR', 'secret-folder'); define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . WP_ADMIN_DIR); - Add below snippet in function.php file of your active theme
add_filter('site_url', 'wpadmin_filter', 10, 3); function wpadmin_filter( $url, $path, $orig_scheme ) { $old = array( "/(wp-admin)/"); $admin_dir = WP_ADMIN_DIR; $new = array($admin_dir); return preg_replace( $old, $new, $url, 1); } - Add below lines to .htaccess file
RewriteRule ^secret-folder/(.*) wp-admin/$1?%{QUERY_STRING} [L]
Second Method (Rename wp-login with new file like new-secret-login-file):
- Rename wp-login.php with new file like new-secret-login-file.php in the root admin folder.
- Open the new-secret-login-file.php and find and replace every instance of "wp-login.php" in the file – then replace it with your new file name as new-secret-login-file.php.
- Now you should be able to log in by navigating to your new URL. In our case, it’s domain/new-secret-login-file.php.
Note: If any HTTP/HTTPS requests to the /wp-login.php, or /wp-admin, directories will lead visitors to a 404 not-found page.
Third Method (Protect wp-login.php With a Cookie and .htaccess):
- Add this code into your .htaccess file in the root folder.
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{HTTP_COOKIE} !^.*wp\-connect=2917998723.*$ [NC] RewriteRule wp-login.php - [F] </IfModule> - Create a new login page for cookie like new-secret-login-page.php and ad below code:
<?php setcookie("wp-connect", 2917998723); header("Location: wp-login.php");
Note: Please remember, Admins need to first go to domain/wp-connect.php to access wp-login.php
