WordPress (WP) waa nidaamka maaraynta macluumaadka ugu caansan ( CMS ), holding 60.8% saamiga suuqa.

Si kastaba ha ahaatee, mid ka mid ah daciifnimadeeda ugu muhiimsan ayaa ah in badan oo ka mid ah hackers-ka WordPress ay yaqaanaan sida loo galo albaabka hore ee mareegaha WP.

Sida caadiga ah, URL- ka galitaanka WordPress ee ugu weyn waa yourdomain.com/wp-admin.php. Waxaa jira laba URL oo kale oo aad isticmaali karto kuwaas oo u weecin doona isla bogga gelitaanka caadiga ah:

yourdomain.com/admin
yourdomain.com/login

Waa maxay sababta aad ugu adkayn wayday tuugta iman kara inay helaan boggaga gelitaanka? Maqaalkani wuxuu ku tusi doonaa sida iyo sababta aad u bedesho URL- kaaga maamulka WordPress .

Maxaad u Bedeshaa URL Loginkaaga WordPress?^{(Why Change Your WordPress Login URL?)}

In kasta oo la isticmaalayo URL-ka-soo-gal ee WordPress-^{(default WordPress login URL)} ka ah waa hab fudud oo lagu xasuusto sida loo galo goobtaada, waxay sidoo kale u fududaynaysaa tuugada.

Waxaad ugu yaraan hoos u dhigi kartaa tuugada adigoo u beddelaya URL- kaaga wax ay ku adag tahay inay helaan. Waxaa jira farsamooyin kala duwan oo jilayaasha xaasidnimada leh ay u adeegsadaan inay jabsadaan goobta WP, iyadoo weerarada xoogga ah ay yihiin kuwa ugu badan.

Weerar xoog leh^{(brute force attack)} ayaa ah marka jabsiga isku dayo inuu galo goobtaada isagoo si joogto ah isku dayaya isku darka kala duwan ee isticmaalayaasha iyo ereyada sirta ah ilaa ay ka helaan midka saxda ah.

In kasta oo ayan mar walba guulaysan, isku dayadani waxay burburin karaan goobtaada haddii ay galaangal u yeeshaan. Mid ka mid ah taxadarka fudud waa inaadan isticmaalin ereyada sirta ah ee ay fududahay in la qiyaaso sida " 12345 " ama " abcde ". Sidoo kale, ha u isticmaalin admin magacaaga isticmaale.

Ma ogtahay in ay jiraan in ka badan 90,000 oo isku dayo jabsi^{(90,000 hack attempts)} ah daqiiqadiiba maalin kasta? Haddi uu mareegahaagu yar yahay ama ha weynaado, isku dayga lagu jabsado goobtaada waa mid dhaw oo lama huraan ah.

Weerrarada^(Brute) xoogga ah waxay xad dhaafiyaan xusuusta server-kaaga martigelinaysa iyagoo si isdaba joog ah u samaynaya codsiyada HTTP si isku xigta. ^(HTTP)Xitaa haddii jabsiga uusan awoodin inuu galo, tirada badan ee codsiyada ayaa ku filan inuu ku riixo server-ka webka oo ka baxsan awoodda wuxuuna burburin karaa goobtaada.

Haddi uu guulaysto, hackers-ku waxa uu gali doonaa dashboardkaaga WordPress maamule ahaan. Xalka ugu badan ee lagu taliyay si looga hortago dhammaan arrimahan waa in la beddelo URL-kaaga asalka ah ee WordPress oo ^(URL)loo^(WordPress) beddelo mid cusub.

Ma u baahan tahay inaad gacanta ku beddesho URL Login-kaaga WordPress?^{(Should You Change Your WordPress Login URL Manually?)}

Haddii aad isku daydo inaad isku daydo inaad si gacanta ah u beddesho boggaga galitaanka URL , waxaanu aad kuugula talinaynaa inaadan samayn. Inkasta oo aad si toos ah ugu geli karto faylasha boggaaga FTP ama habab kale, maaha fikrad wanaagsan sababahan soo socda awgood:

Mar kasta oo ay cusboonaysiiso WordPress , waxay dib u abuuri doontaa faylka bogga galitaanka, taasoo ka dhigaysa lagama maarmaan inaad mar kale beddesho URL- ka .
Waxa laga yaabaa inaad si badheedh ah u abuurto arrimo la xidhiidha shaqaynta goobtaada, oo ay ku jiraan khaladaadka shaashada ka bixida.
Inta badan waxaa jira cawaaqib xumo aan la filayn marka aad bedesho faylalka ubucda ah ee goobtaada, gaar ahaan marka aanad u baahnayn.

Isticmaal WPS Qari Login Plugin ^{(Use WPS Hide Login Plugin )}

WPS Hide Login waa plugin fudud oo WordPress ah si si badbaado leh oo hufan loogu beddelo URL boggaaga galitaanka WordPress .

Waa plugin iftiin ah oo kuu ogolaanaya inaad si badbaado leh oo fudud u beddesho foomka galitaanka bogga URL . Kuma darto xeerarka dib-u-qorista, wax ka beddelka faylasha, ama dib-u-magacaabin faylasha asaasiga ah.

Taa baddalkeeda, WPS Hide Login waxay ka hortagtaa codsiyada bogga waxayna ka dhigtaa boggaaga wp-login.php mid aan la heli karin. Hubi inaad qorto ama calaamadayso bogga galitaanka cusub si aad hadhow u gasho.

Sida loo rakibo WPS Qari Login^{(How to Install WPS Hide Login)}

Waxaad ka soo dejisan kartaa plugin-ka^{( download the plugin)} ama waxaad ka soo dhejin kartaa dhabarka dambe ee WordPress adiga oo raadinaya. Tag Plugins > Kudar Cusub^{(Add New)} . Ka raadi WPS Qari Login^{(WPS Hide Login)} ee Kaydka Plugin ee WordPress^{(WordPress Plugin Repository)} .

Guji Hadda Ku rakib^{(Install Now)} ka dibna Dhaq^(Activate) -geli plugin-ka.

Sida loo habeeyo Plugin-ka^{(How to Configure the Plugin)}

Si aad u gasho goobaha furaha, aad Plugins > Plugins rakiban^{(Installed Plugins)} . Guji Dejinta^{(Settings )} hoosta WPS Hide Login plugin.

Hoos ugu dhaadhac qaybta WPS Qari Login^{(WPS Hide Login)} .

Sida aad ku arki karto sawirka kore, waxaa jira laba go'aan oo ay tahay inaad sameyso.

URL galkaaga cusub
URL- ka dib u jiheynta ee dadka isku dayaya inay tagaan boggaga WordPress -ka ah^(WordPress)

Markaad dooranayso URL- kaaga cusub , isticmaal xarfo iyo lambaro gaar ah oo random ah. Haddii aad isticmaasho wax si fudud loo qiyaasi karo, waxaad jabin doontaa ujeedada beddelka URL- ka galitaanka WordPress .

Doorashadaada xigta waa URL ee bogga dib u hagidda Mid talo soo jeedin ah ayaa ah inaad abuurto bog 404-qallad ah haddii aanad hore u lahayn mid.

Haddii aadan haysan bog 404 qalad ah^{(404-error page)} , waxaa jira plugin ah taas.

Ama, waxaad dejin kartaa dib u jahaynta boggaga guriga. Marka la sameeyo, dhagsii Save Changes URL cusub si uu u dhaqan galo.

Tijaabi URL-kaaga Cusub ee WordPress^{(Test Your New WordPress Login URL)}

Isku day inaad URL -kaaga asalka ah ku qorto baararka raadinta:

Yourdomain.com/wp-login

Haddii dejimahaagu sax yihiin, waa inaad aragto wax la mid ah sawirka hoose.

Haddii aad rabto inaad ku soo noqoto galitaanka WordPress ee asalka ah sabab kasta ha ahaatee, demi WPS Hide Login plugin.

Is Your Website 100% Safe Now?

Ha helin dareen ammaan oo been ah. Qaado taxadar kale marka lagu daro isticmaalka WPS Hide Login plugin.

Hackers waa kuwo aan naxariis lahayn. Had iyo jeer waxay raadiyaan habab cusub oo ay ku carqaladeeyaan mareegaha. Marka lagu daro bedelida URL- kaaga login ee WordPress , waa inaad raacdaa talooyinka amniga WordPress ee aasaasiga ah.

Ka dhig nooca WordPress , plugins, iyo mawduucyada mid cusub
Isticmaal Plugin-ka Amniga sida Malcare si aad si firfircoon uga hortagto bots-yada xun iyo ciwaannada IP-ga xaasidnimada leh
Ku rakib Shahaadada SSL
Isticmaal isku dayga xaddidan ee dib loo raray^{(the Limit Login Attempts Reloaded)} plugin si loo xaddido isku dayga soo gelida
Ku kaydi faylashaada plugin sida BlogVault
Dooro erayga sirta ah ee gaarka ah iyo magaca isticmaalaha
Hirgeli furka xaqiijinta laba-factor sida Google Authenticator - WordPress Two Factor Authentication (2FA)

Ma jirto hab nacasnimo ah oo looga hortagayo tuugada inay galaan goobtaada. Si kastaba ha ahaatee, taasi macnaheedu maaha inaad u fududayso iyaga.

Sida aad arki karto, bedelida URL- ka galitaanka WordPress ee caadiga ah waa sahlan tahay in la sameeyo waana inaad. Maxaad u siisaa hackers-ka furaha albaabkaaga hore?

How to Change Your WordPress Login URL for Better Security

WordPreѕs (WP) is the most popular content management system (CMS), holding 60.8% of the market share.

However, one of its most significant weaknesses is that so many WordPress hackers know how to get in the front door of WP websites.

By default, the main WordPress login URL is yourdomain.com/wp-admin.php. There are two other URLs you can use that will redirect to the same default login page:

yourdomain.com/admin
yourdomain.com/login

Why not make it more difficult for potential hackers to find your login page? This article will show you how and why to change your WordPress admin login URL.

Why Change Your WordPress Login URL?

Although using the default WordPress login URL is an easy way to remember how to access your site, it also makes it too easy for hackers.

You can at least slow down hackers by changing your login URL to something that’s harder for them to find. There are various techniques malicious actors use to hack a WP site, with brute force attacks being the most common.

A brute force attack is when the hacker tries to get access to your site by continuously trying various combinations of usernames and passwords until they find the right one.

Although they aren’t always successful, these attempts can wreak havoc on your site should they gain access. One simple precaution is not to use passwords that are easy to guess such as “12345” or “abcde”. Also, don’t use admin for your username.

Did you know that there are over 90,000 hack attempts per minute every day? Whether your website is small or large, attempts to hack into your site are imminent and unavoidable.

Brute force attacks overload your hosting server’s memory by repeatedly making HTTP requests in rapid succession. Even if the hacker is not able to gain access, the sheer number of requests is enough to push the web server beyond capacity and can crash your site.

If successful, the hacker will have access to your WordPress dashboard as an admin. The most recommended solution to prevent all of these issues is to change your default WordPress login URL to a new one.

Should You Change Your WordPress Login URL Manually?

If you’re tempted to try to change your login page URL manually, we highly recommend you don’t. Although you can access your website files directly with FTP or other methods, it’s not a good idea for the following reasons:

Each time WordPress updates, it will recreate the login page file, making it necessary for you to change the URL again.
You may inadvertently create issues with your site’s functionality, including errors with the logout screen.
There are often unintended negative consequences when you alter your site’s core files, especially when you don’t have to.

Use WPS Hide Login Plugin

WPS Hide Login is a light WordPress plugin to safely and efficiently change the URL of your WordPress login page.

It’s a light plugin that lets you safely and easily change the login form page URL. It does not add rewrite rules, modify files, or rename core files.

Instead, WPS Hide Login intercepts page requests and renders your wp-login.php page inaccessible. Make sure you write down or bookmark your new login page so you can access it later.

How to Install WPS Hide Login

You can download the plugin or upload it from the backend of WordPress by searching for it. Go to Plugins > Add New. Search for WPS Hide Login from the WordPress Plugin Repository.

Click on Install Now and then Activate the plugin.

How to Configure the Plugin

To access the plugin settings, go to Plugins > Installed Plugins. Click on Settings under the WPS Hide Login plugin.

Scroll down to the WPS Hide Login section.

As you can see in the screenshot above, there are two decisions you must make.

Your new login URL
The redirect URL for people who try to go to your default WordPress page

When choosing your new login URL, use a unique and random combination of letters and numbers. If you use something easy to guess, you will be defeating the purpose of changing your WordPress login URL.

Your next choice is the URL of the redirection page. One suggestion is to create a 404-error page if you don’t already have one.

If you don’t have a 404-error page, there’s a plugin for that.

Or, you can set the redirection to your home page. When done, click Save Changes for the new URL to take effect.

Test Your New WordPress Login URL

Try typing your default URL into a search bar:

Yourdomain.com/wp-login

If your settings are correct, you should see something like the image below.

If you want to return to the default WordPress login for any reason, deactivate the WPS Hide Login plugin.

Is Your Website 100% Safe Now?

Don’t get a false sense of security. Take other precautions in addition to using the WPS Hide Login plugin.

Hackers are relentless. They are always looking for new ways to disrupt websites. In addition to changing your WordPress login URL, you should follow basic WordPress security tips.

Keep your WordPress version, plugins, and themes up to date
Use a Security Plugin such as Malcare to block bad bots and malicious IP addresses proactively
Install an SSL Certificate
Use the Limit Login Attempts Reloaded plugin to limit login attempts
Back up your files with a plugin such as BlogVault
Choose a unique and secure password and username
Implement a two-factor authentication plugin such as Google Authenticator – WordPress Two Factor Authentication (2FA)

There’s no foolproof way to prevent hackers from accessing your site. However, that doesn’t mean you should make it easier for them.

As you can see, changing the default WordPress login URL is simple to do and you should. Why give hackers the key to your front door?

Caleb Clark

About the author

Waxaan ahay khabiir kombuyuutar, waxaanan ku takhasusay aaladaha iOS. Waxaan dadka caawinayay tan iyo 2009, waayo-aragnimadayda wax-soo-saarka Apple ayaa iga dhigaysa qofka ugu habboon ee ka caawinaya baahiyahooda tignoolajiyada. Xirfadeyda waxaa ka mid ah: - Dayactirka iyo cusboonaysiinta iPhones iyo iPod-yada -Rakida iyo isticmaalka software Apple - Ka caawinta dadka inay helaan apps-ka ugu fiican ee iPhones iyo iPod-yada - Ka shaqaynta mashaariicda onlaynka ah

Sida Loo Bedelo URL Login-kaaga WordPress si loo helo Ammaan Wanaagsan

Maxaad u Bedeshaa URL Loginkaaga WordPress?^{(Why Change Your WordPress Login URL?)}

Ma u baahan tahay inaad gacanta ku beddesho URL Login-kaaga WordPress?^{(Should You Change Your WordPress Login URL Manually?)}

Isticmaal WPS Qari Login Plugin ^{(Use WPS Hide Login Plugin )}

Sida loo rakibo WPS Qari Login^{(How to Install WPS Hide Login)}

Sida loo habeeyo Plugin-ka^{(How to Configure the Plugin)}

Tijaabi URL-kaaga Cusub ee WordPress^{(Test Your New WordPress Login URL)}

Is Your Website 100% Safe Now?

How to Change Your WordPress Login URL for Better Security

Why Change Your WordPress Login URL?

Should You Change Your WordPress Login URL Manually?

Use WPS Hide Login Plugin

How to Install WPS Hide Login

How to Configure the Plugin

Test Your New WordPress Login URL

Is Your Website 100% Safe Now?

Caleb Clark

About the author

Related posts

Sida Loo Helo Adminkaaga WordPress Login

Squarespace Vs WordPress: Waa kee Platform Goobta Wanaagsan?

Soo gal LinkedIn oo Saxeexa Amniga & Tallooyinka Qarsoonnimada

Proxy vs VPN: Keebaa u roon Amniga iyo Qarsoonaanta?

Sida loo raro goobta WordPress mid ka mid ah martida loo yahay mid kale

Sida Loo Kobciyo Boggaga WordPress

Jetpack WordPress: Waa maxay oo ay mudan tahay in la rakibo?

Sida Loo Sameeyo Bogga WordPress Mid Sugan

Sida loo rakibo WordPress on Google Cloud Platform

Ka ilaali oo ka ilaali mareegaha WordPress jabsadayaasha

Sida Loo Sameeyo Tijaabooyin Qaybsan Oo Wax Ku Ool Ah Gudaha WordPress

Tus qoraalka bogga hoyga ee blogka WordPress

Abuuritaanka Mawduuca Ilmaha ee WordPress

9 Waa in uu leeyahay Plugins loogu rakibo WordPress Cusub

Isticmaalayaasha ka jiheeya bogga 404 ee WordPress

3-da ugu Fiican SEO Plugins ee WordPress

Casharka WordPress Gutenberg: Sida Loo Isticmaalo Tifaftiraha Cusub

Sida Loola Socodo Xidhiidhada Go'ay Aaladda Maamulaha Mareegaha Google

WordPress wuxuu muujinayaa qalad HTTP marka la soo gelinayo sawirada

Sida loo habeeyo Asturnaanta gudaha WordPress iyo sababta ay muhiim u tahay

Sida Loo Bedelo URL Login-kaaga WordPress si loo helo Ammaan Wanaagsan

Maxaad u Bedeshaa URL Loginkaaga WordPress?(Why Change Your WordPress Login URL?)

Ma u baahan tahay inaad gacanta ku beddesho URL Login-kaaga WordPress?(Should You Change Your WordPress Login URL Manually?)

Isticmaal WPS Qari Login Plugin (Use WPS Hide Login Plugin )

Sida loo rakibo WPS Qari Login(How to Install WPS Hide Login)

Sida loo habeeyo Plugin-ka(How to Configure the Plugin)

Tijaabi URL-kaaga Cusub ee WordPress(Test Your New WordPress Login URL)

Is Your Website 100% Safe Now?

How to Change Your WordPress Login URL for Better Security

Why Change Your WordPress Login URL?

Should You Change Your WordPress Login URL Manually?

Use WPS Hide Login Plugin

How to Install WPS Hide Login

How to Configure the Plugin

Test Your New WordPress Login URL

Is Your Website 100% Safe Now?

Caleb Clark

About the author

Related posts

Sida Loo Helo Adminkaaga WordPress Login

Squarespace Vs WordPress: Waa kee Platform Goobta Wanaagsan?

Soo gal LinkedIn oo Saxeexa Amniga & Tallooyinka Qarsoonnimada

Proxy vs VPN: Keebaa u roon Amniga iyo Qarsoonaanta?

Sida loo raro goobta WordPress mid ka mid ah martida loo yahay mid kale

Sida Loo Kobciyo Boggaga WordPress

Jetpack WordPress: Waa maxay oo ay mudan tahay in la rakibo?

Sida Loo Sameeyo Bogga WordPress Mid Sugan

Sida loo rakibo WordPress on Google Cloud Platform

Ka ilaali oo ka ilaali mareegaha WordPress jabsadayaasha

Sida Loo Sameeyo Tijaabooyin Qaybsan Oo Wax Ku Ool Ah Gudaha WordPress

Tus qoraalka bogga hoyga ee blogka WordPress

Abuuritaanka Mawduuca Ilmaha ee WordPress

9 Waa in uu leeyahay Plugins loogu rakibo WordPress Cusub

Isticmaalayaasha ka jiheeya bogga 404 ee WordPress

3-da ugu Fiican SEO Plugins ee WordPress

Casharka WordPress Gutenberg: Sida Loo Isticmaalo Tifaftiraha Cusub

Sida Loola Socodo Xidhiidhada Go'ay Aaladda Maamulaha Mareegaha Google

WordPress wuxuu muujinayaa qalad HTTP marka la soo gelinayo sawirada

Sida loo habeeyo Asturnaanta gudaha WordPress iyo sababta ay muhiim u tahay

Maxaad u Bedeshaa URL Loginkaaga WordPress?^{(Why Change Your WordPress Login URL?)}

Ma u baahan tahay inaad gacanta ku beddesho URL Login-kaaga WordPress?^{(Should You Change Your WordPress Login URL Manually?)}

Isticmaal WPS Qari Login Plugin ^{(Use WPS Hide Login Plugin )}

Sida loo rakibo WPS Qari Login^{(How to Install WPS Hide Login)}

Sida loo habeeyo Plugin-ka^{(How to Configure the Plugin)}

Tijaabi URL-kaaga Cusub ee WordPress^{(Test Your New WordPress Login URL)}