change wp-admin folder

2 Views

I’m running some WordPress websites and I have googled this several times without being able to find an concrete answer to my problem.

I have my sites protected with a login-lock plugin which locks an IP for a certain time if that IP tries to login with wrong credentials repeatedly.

Read More

So my problem is that I keep receiving alerts and alerts of IPs trying to login to my backend. I know I could turn those notifications off, but I would like to solve this correctly.

So I have seen some good WP sites where you can type the /wp-admin and nothing is shown, you get a 404 or you are redirected to homepage. I have also read here about a plugin called stealth login but plugin is no longer listed on wordpress site.

I have also saw some plugins that work with IPs and restrict the folder to certain IP but on my ISP I have a dynamic IP so if I have a new one I’d not be able to see the wp-admin folder.

I’d like to know if there is a standardized or a good way to fix that and hide the wp-admin directory to public.

Post Views: 2

Related posts

Leave a Reply

2 comments

    • The below code will prevent browser access to any file in these directories other than “a.b.c.d” which you should change to be your static IP address.

    order deny,allow
allow from a.b.c.d # This is your static IP
deny from all
    • OR restrict the directory with a password:

    AuthUserFile /etc/httpd/htpasswd
AuthType Basic
AuthName "restricted"
Order Deny,Allow
Deny from all
Require valid-user
Satisfy any

  2. I use the following in my .htaccess file in the wp-admin folder:

    order deny,allow
allow from 12.34.56.78 # My IP
deny from all

    It will give a 404 error to anyone not on that IP address.

    I also use the same for the wp-login.php page. Put this in your root .htaccess file:

    <Files "wp-login.php">
Order deny,allow
Deny from all
Allow from 12.34.56.78
</Files>