Move Login
Move Login Install Statistics
Try plugin: Move Login
We'll create fresh WordPress site with Move Login installed. You have 20 minutes to test the plugin after that site we'll be deleted.
About Move Login
Change your login URL for something like https://example.com/login and stop login brute-force attempts.Description
This plugin forbids access to https://example.com/wp-login.php and creates new urls, like https://example.com/login or https://example.com/logout.
This is a great way to limit bots trying to brute-force your login (trying to guess your login and password). Of course, the new URLs are easier to remember too.
Also remember: the use of this plugin does NOT exempt you to use a strong password. Moreover, never use “admin” as login, this is the first attempt for bots.
By the way, if you are looking for a complete security solution, take a look at SecuPress: Move Login is included inside.
Multisite
Yes! The plugin must be activated from your network.
Note 1: this plugin deals only with wp-login.php, not with wp-signup.php nor with wp-activate.php (yet). That means https://example.com/register will still redirect to https://example.com/wp-signup.php. I think this will be the next step though, but no ETA.
Note 2: if users/sites registrations are open, you shouldn’t use this plugin yet. There are some places where the log in address is hard coded and not filterable. A bug ticket is open.
Requirements
- As of version 2.4, at least PHP 5.3 is required.
- You will need a FTP access: if the
.htaccess/web.configfile is not writable (you will need to add the given rules manually), or if something is wrong and you can’t log in anymore (see the FAQ in that case). - Should work on IIS7+ servers but not tested (I guess you should probably save a copy of your
web.configfile before the plugin activation). - For Nginx servers, the rewrite rules are not written automatically of course, but they are provided as information in the plugin settings page.