Sometimes the smallest of changes can make a huge impact when it comes to performance as well as security. By default, WordPress uses
https://yourdomain.com/wp-admin/ for your login URL. The problem with this is that bots, hackers, etc. all scan for these when looking for vulnerabilities and entry points into your site. We’ve worked with many sites that see 10,000+ failed attempts per day trying to gain access.
By simply changing the login to something more obscure, you can combat this. It’s also great for performance as it decreases bots scraping common areas of your site.
Change WordPress Login URL
Important: If you have another plugin already changing your WordPress login URL, make sure to disable it first before changing it in the perfmatters plugin.
To change your WordPress login URL click into the perfmatters settings and scroll down to “Change Login URL.” You can change this to whatever you want. We recommend getting creative!
When set, this will change your WordPress login URL to the provided string (
https://yourdomain.com/yourstring) and will block wp-admin and wp-login endpoints from being directly accessed.