More often than not i am asked how to hide wp-login.php part of the login and registration URL. For some reasons site owners do not want users to know that they are using WordPress or maybe they just want to have SEO friendly login/registration URL, either way the problem remains.
Recently i took this problem head-on and released a free Custom Login URL (CLU) plugin that allows site owners to customize their: login, registration, password reminder and logout URL. Additionally the redirection URLs allow to select where you want to redirect users on successful login or logout. Whole configuration is neatly embedded into wp-admin / Settings / Permalinks panel as visible below.
So, how this works? First of the plugin requires that you have Permalinks enabled in WordPress configuration, otherwise it won’t work. Once you have the permalinks enabled, you can enter your custom URLs and save them. CLU plugin will save them in DB and in .htaccess file, it will add RewriteRule’s with “QSA” and “L” flags, so basically the new URLs will be just cloaking the old ones. The effect is that users will see new nice URL, but the server request will still go to wp-login.php, ok enough with technical stuff.
Note that this plugin is intended to just show user friendly URLs to user it does not aim to protect you against brute force attacks nor it tries to white label your WordPress login panel, but there are definitely plugins for this in WP plugin repository and you are free to use them along with Custom Login URL plugin.
About Greg Winiarski
Leave a Reply