Hide wp-login.php as log-in and redirect it to a custom login page

June 18, 20230 Views

I’m trying to hide the wp-login.php on my site so I installed the plugin Rename wp-login.php, I renamed it as log-in. Now I want to redirect it to my custom login page so the default login form of wordpress is totally hidden. Is there a way to accomplish this? I have already tried a redirection plugin and the code below however it only supports the wp-login.php and not my new login url:

function redirect_login_page(){

// Store for checking if this page equals wp-login.php
$page_viewed = basename( $_SERVER['REQUEST_URI'] );

// permalink to the custom login page
$login_page  = get_permalink( '10' );

if( $page_viewed == "wp-login.php" ) {
    wp_redirect( $login_page );
    exit();
}
}

Is there a way to do this without actually altering the wordpress base files?

Post Views: 0

4 comments

Try this

add_action('init','custom_login');
function custom_login(){
 global $pagenow;
 if( 'wp-login.php' == $pagenow ) {
  wp_redirect('http://localhost/wordpresstest/blog/');
  exit();
 }
}

Try This Out

// Hook the appropriate WordPress action
add_action('init', 'prevent_wp_login');

function prevent_wp_login() {
    // WP tracks the current page - global the variable to access it
    global $pagenow;
    // Check if a $_GET['action'] is set, and if so, load it into $action variable
    $action = (isset($_GET['action'])) ? $_GET['action'] : '';
    // Check if we're on the login page, and ensure the action is not 'logout'
    if( $pagenow == 'wp-login.php' && ( ! $action || ( $action && ! in_array($action, array('logout', 'lostpassword', 'rp', 'resetpass'))))) {
        // Load the home page url
        $page = get_bloginfo('url');
        // Redirect to the home page
        wp_redirect($page);
        // Stop execution to prevent the page loading for any reason
        exit();
    }
}

This works for logging in, but not logging out.
If you’re to log out, it redirects you back to the login page, without actually logging you out, as the URL parameter to log out includes /wp-login.php/

I found this to be a better solution:

// Redirect from /wp-login.php/ to /login/ with ability to logout & redirect 
add_action('init', 'custom_login');
function custom_login() {
global $pagenow;
if ($pagenow === 'wp-login.php' && empty($_REQUEST['action'])) {
    wp_redirect('https://example.com/login/');
    exit();
} elseif ($pagenow === 'wp-login.php?action=logout' && $_REQUEST['action'] === 'logout') {
    wp_redirect('https://example.com/');
    exit();
}
}

Anonymous says:

June 18, 2023 at 10:44 am

You can achieve the results of accessing wordpress admin via custom admin login page using a plugin named All In One WP Security & Firewall.

The All In One WordPress Security plugin will take your website security to a whole new level. This plugin is designed and written by experts and is easy to use and understand.It reduces security risk by checking for vulnerabilities, and by implementing and enforcing the latest recommended WordPress security practices and techniques.

Your requirement:

This plugin has ability to hide admin login page. Rename your WordPress login page URL so that bots and hackers cannot access your real WordPress login URL. This feature allows you to change the default login page (wp-login.php) to something you configure.

For more features, refer plugin codex

Comments are closed.

Related posts

4 comments

Social Network