How to hide WordPress URL without Plugin
Majority of Word Press security plugins provides as hide the default Word Press login URL this is first prevention from hackers. Usually Word Press login URL ends wp-login.php.
First hide login URL that will restrict hackers of low level. Change the login URL when using a security plugin, which produces disturbance to other plugins. The two components together cannot perform nicely if website has more moving parts.
Change the default login URL without plugin and avoid plugin conflicts
The great part of security is having a virtuous host and the second one is the security plugin configured on someone requirements. There are three security plugins which provides extra shields of website security.
With specialized login URL you can eliminates the plugin conflicts between security plugin and other plugins on your site keep the functionality of the site. You can use this technique in htaccess file or “hidden” file on the server, which are in server root folder.
Add snippet on the top of htaccess file by FTP and code editor or file manager in hosting admin panel. Its works if you used Apache server which use htaccess, for URL rewrite rules; not the server runs that NGINX this technique is not useful.
# HIDE LOGIN<br>
RewriteRule ^(/)?login/?$ /wp-login.php [QSA,L]<br>
# END Hide LOGIN
The hashtags in htaccess file which indicates comments. Each code or markup has own variation, in htaccess file comments are headed by a pound #sign.
First line said turning on Apache mod_rewrite engine. Second line define rewrite rule. The first part defines the pattern, the rule rewrite into the URL. The second part of rule describes what part of URL rule will replace.
Rewrite rules use regular expressions or regex to define what and when rules trigger.
Substitution pattern starts with ^ ends with $. Slash inside parentheses (/) is known as back–referencedgroup; which means save this for future use, inside the rewritten URL
The question mark inside the substitution pattern is known as un greedy modifier. The question marks tell the rewrite engine to match as few times as possible the result is rewrites the URL fragment as /login.
Replace login with your own secret phrase by word press login URL. Last part of rewrite rule has rewrite rule flags.
L represents last; when this flag is present; rewrite rule matches, no further rewrite rules. This flag is to prevent a redirect loop however it would not depend on this flag to prevent redirect loop.
QSA is for URL, a query string a question mark followed by parameters; while target URL doesn’t. Original behavior of query string URL is observed, although new URL doesn’t have query string.
Now default word press URL has a query string, which redirects the logged in user to admin screen, so this flag is necessary.
Htaacess and Regex file are helpful if small part of them is used then you can hide word press login URL without plugin and also you can save your website.
Latest posts by Illahi Bux (see all)
- How to Work Machine Learning in Mobile Apps - January 31, 2017
- Computational Theory Application of Automata theory in Computer Science - November 21, 2015
- Tips For PHP Development - November 20, 2015