iThemes Security Hide Backend

Hides the login page (wp-login.php, wp-admin, admin and login) making it harder to find by automated attacks and making it easier for users unfamiliar with the WordPress platform. If you forget your new login slug the article below can help you find it.

I forgot my Hide Backend URL

Login Slug

The login url slug cannot be "login," "admin," "dashboard," or "wp-login.php" as these are used by default in WordPress. Note: The output is limited to alphanumeric characters, underscore (_) and dash (-). Special characters such as "." and "/" are not allowed and will be converted in the same manner as a post title. Please review your selection before logging out. 

Enable theme compatibility

Enable theme compatibility. If you see errors in your theme when using hide backend, in particular when going to wp-admin while not logged in, turn this on to fix them.

Theme Compatibility Slug

The slug to redirect folks to when theme compatibility mode is enabled (just make sure it does not exist in your site).

Custom Login Action

WordPress uses the "action" variable to handle many login and logout functions. By default, this plugin can handle the normal ones but some plugins and themes may utilize a custom action (such as logging out of a private post). If you need a custom action please enter it here.

The Hide Backend feature is a great extra layer of security through obscurity, however, it isn't bulletproof. We recommend relying on stronger features like reCAPTCHA and enforce strong passwords to secure your login.

A brute force attack is a trial-and-error method used to obtain information such as a username or password. In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data.

Tutorial Video

Powered by Zendesk