How to disable the default Wordpress urls, /wp-admin and /wp-login? See the function below. Also it sets a new login url, which can be anything, but in our example it's 'get-me-in'.
you can achieve this by adding some code to your WordPress theme's functions.php file or by creating a custom plugin. Here's an example of how you can do this:
// Disable default /wp-admin and /wp-login.php links
// www.websitefunctions.comfunction custom_disable_default_login() {
if (strpos($_SERVER['REQUEST_URI'], '/wp-admin') !== false || strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false) {
// Redirect to 404 page
global $wp_query;
$wp_query->set_404();
status_header(404);
get_template_part(404);
exit();
}
}
add_action('init', 'custom_disable_default_login');
// Change login URL to /get-me-in
function custom_change_login_url() {
return home_url('/get-me-in');
}
add_filter('login_url', 'custom_change_login_url');
add_filter('logout_url', 'custom_change_login_url');
add_filter('lostpassword_url', 'custom_change_login_url');
This code does the following:
-
The custom_disable_default_login function checks if the current URL contains "/wp-admin" or "/wp-login.php". If it does, it redirects the user to the 404 page.
-
The custom_change_login_url function changes the login URL to "/get-me-in" using the login_url, logout_url, and lostpassword_url filters.
Remember to test this code on a staging environment before applying it to a live website, as modifying the login behavior can have significant consequences. Also, keep in mind that changing the login URL can enhance security, but it's not a foolproof method, so it's important to implement other security measures as well.