wordpress security

September 28, 2016 3k views
Apache CentOS

I've installed Wordpress a couple of servers following your best practice tutorials on here. I've got my sites running and now want to secure them. Specifically, I'm trying to hide the Wordpress Admin URL. However, I've tried all kinds of plugins and even modifying the .htaccess directly but nothing work. It hides the wp-admin page but won't redirect to new URL?

1 comment
1 Answer

Hiding the wp-admin is not generally something that is done to secure WordPress and wouldn't provide much in the way of protection but could likely break some plugins.

Some steps that are important to take would include ensuring protection against xmlrpc attacks and taking other initial steps with your server.

To the best of my knowledge, to successfully change the wp-admin URL would require the use of plugins designed for that purpose.

by Jon Schwenn
WordPress is a popular and powerful CMS (content management system) platform. Its popularity can bring unwanted attention in the form of malicious traffic specially targeted at a WordPress site. There are many instances where a server that has not been protected or optimized could experience issues or errors after receiving a small amount of malicious traffic. This guide will show you how to protect WordPress from XML-RPC attacks on an Ubuntu 14.04 system.
Have another answer? Share your knowledge.