wordpress security

Posted September 28, 2016 4.9k views

I’ve installed Wordpress a couple of servers following your best practice tutorials on here. I’ve got my sites running and now want to secure them. Specifically, I’m trying to hide the Wordpress Admin URL. However, I’ve tried all kinds of plugins and even modifying the .htaccess directly but nothing work. It hides the wp-admin page but won’t redirect to new URL?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hiding the wp-admin is not generally something that is done to secure WordPress and wouldn’t provide much in the way of protection but could likely break some plugins.

Some steps that are important to take would include ensuring protection against xmlrpc attacks and taking other initial steps with your server.

To the best of my knowledge, to successfully change the wp-admin URL would require the use of plugins designed for that purpose.

by Jon Schwenn
WordPress is a popular and powerful CMS (content management system) platform. Its popularity can bring unwanted attention in the form of malicious traffic specially targeted at a WordPress site. There are many instances where a server that has not been protected or optimized could experience issues or errors after receiving a small amount of malicious traffic. This guide will show you how to protect WordPress from XML-RPC attacks on an Ubuntu 14.04 system.