Have you all ever noticed that your website or blog is being attacked on every second?
Is our web property, which took a long time to stand, can be stolen in a single minute?
These questions raised in my mind when I noticed toward the WordPress Dashboard.
I got shocked by seeing these numbers, seriously 54 thousand times my website was brutely attacked. If I had not created a strong password, I think, it would have been stolen a long time ago.
And, Thanks to WordPress also to save my website from not being penetrated in other ways.
But the question is how long your password would be hidden from attackers. If they will trying continuously, then those days are not far away, when your wordpress dashboard will be accessed by others.
So the question is, how can you save your wordpress from brute force attack and this is the most common attack on wordpress.
Brute force attack: In this type of attack hackers use the various combination of user IDs and passwords to get access to your website. Once the user ID and password get matched to your username and password, they will gain the full access to your website.
Especially in the WordPress, when everyone knows about your admin login URL www.yourwebsite.com/wp-admin. wp-admin is the default for all wordpress admin page. Then anyone can start with the brute force attacking.
Then the question is:
How to stop brute force attacks?
Here, you can prevent your wordpress from brute force attacks by these methods:
By Installing limit login attempts plugin
There are many plugins available in the wordpress to limit the count of login attempts. You can simply install those free plugin that can prevent the user from more login attempts.
These plugins will help you to set up the maximum number of login attempts can try a user.
By Enabling 2-Step verification
This will enable the 2-factor authorization that means your wordpress login will check you two times. One is your password, and another is your phone. If you have your both password and phone, then only you can log in to your dashboard.
First, If your password is right, then it sends a 6-digit code to your google authenticator. Which will different for every time and be necessary for all the time whenever you Log In.
Google Authenticator is a very safe method to protect your WordPress from attacks. But sometime it will bother you to type again and again code by seeing from Google Authenticator, If you login many times in a day.
By Changing WordPress admin URL
This can also secure your wordpress login URL by hiding it from others. When it is no longer available to others, no one can try the combinations of username and passwords.
This method will change wordpress admin URL “wp-admin” of your admin dashboard. If you will change your wordpress admin URL, no one can access your wp-admin page. And, I think It can be secured from password guessers and provide more security to your WordPress dashboard.
So, Let’s learn about wordpress plugins that can be used to change wordpress admin URL.
How to change wordpress admin URL
It’s been enough motivation for changing the wordpress admin URL, now it’s time for some practical stuff.
Here, I’m going to explain you the necessary steps required in the wordpress admin URL changing.
Some plugins from that you can take the help to change wordpress admin URL. There are numbers of plugins from them you can choose one to make a change in your wordpress admin URL. Here are some of them.
- WPS Hide Login (100,000+ Install)
- All In One WP Security & Firewall (600,000+ Install)
- Protect Your Admin (30,000+ Install)
Today’s I am showing you how to change the wordpress admin URL with the help of WPS Hide login plugin.
Changing the wordpress admin URL with WPS hide login
The WPS hide login plugin is the simplest plugin with very ease in activating the custom url. This has been installed in around 100,000+ wordpress websites.
You can install this plugin by searching the “WPS hide login” in wordpress or download from wordpress page.
Go to WordPress dashboard Plugin >Add New >Search “WPS hide login” >Install.
This is the first plugin which will be appeared after searching, Install and activate it.
Once you have installed the plugin and activated it. You have to go to Setting >General at the bottom of this setting, you will find the configuration of WPS Hide Login plugin.
Now, you can configure your wordpress admin dashboard by editing the login url. You can keep any desired url for your admin login url. For example, here you can see the login is now my new wordpress admin link.
I have to use this link “http://bloggingrecipe.com/login” to open wordpress dashboard instead of http://bloggingrecipe.com/wp-admin.
However, you can choose a unique URL like “qwsyt” or difficult to guess for someone. Save your unique url to anywhere safely and bookmarked it.
Changing the WordPress admin url with difficult letter combinations will make it difficult to find your URL.
Changing your WordPress admin url does not mean that your old URL “wp-admin” has been deleted. Whenever you deactivate or delete this plugin, your old URL will take place, and then you will be able to open your WordPress dashboard at the wp-admin url.
Now, when I attempt to login with wp-admin url, I see this.
But, when I tried to log in with my chosen url, It will open the login page as you can see it below after login with my chosen url.
As the security perspective, It is a good idea to change your wordpress wp-admin url. By doing this, the hackers are blocked to reach out to your wordpress login page and can’t guess your credentials.
This can improve your Blog or website security in a high extent.
Tell me in the comment section, how many times your wordpress website has been attacked by malicious attacks.
Like this post? Don’t forget to share it.