Why Your Website Is Vulnerable If Others Know A Login

You should enter a login and a password to access any WordPress website. You know that the access code should be kept safer than a login. It’s a wrong mindset. If a hacker knows the admin login, he can guess the password and hack the website easier. And it’s not hard to find out what the admin login is if a webmaster didn’t take security measures. Today we will tell you the basics about the WordPress login, security vulnerabilities, and how to hide WordPress login and prevent your website from external attacks.

Can Other People See My Login?

Open any browser, enter the WordPress website URL and add the following phrase ?author=1

It should look like this:

http://site_name.com/?author=1

How To Find And Hide WordPress Login

site_name.com is your website name, “1” indicates to the first registered user. Usually, it’s the administrator. If you fill in another number and press Enter you can find other users’ logins.

http://site_name.com/author/user1983

In result, you’ll see the URL with the administrator login. In our case, it’s “user1983

How To Find And Hide WordPress Login

Fixing The Vulnerability

If you’ve discovered that anyone can see your login (and most likely the can!) it’s time to take actions. We will show you two ways of fixing this vulnerability. In result, the WordPress website security will increase significantly.

How To Hide WordPress Login Using Clearfy

You can use Clearfy and hide your WordPress login in no time. Download, install and activate the plugin. Go to Settings => Clearfy menu.

How To Find And Hide WordPress Login

Go through settings and find Security. Search for Hide author login option. Press ON to activate the feature. Save the changes.

How To Find And Hide WordPress Login

Check the results. Enter the following URL to the browser: http://site_name.com/?author=1. You should be redirected to the main page, and the author login is no longer displayed. The address now looks this way: http://site_name.com.

How To Hide WordPress Login Using The Code

Another option is to hide WordPress login using the code. Open the .htaccess file and add the following code on the bottom of the file:

RedirectMatch Permanent ^/author/login-admin https://site_name.com

Note: enter your actual login instead of “login-admin”. Re-check the result.

Conclusion

We’ve offered you two solutions to hide WordPress login: with the Clearfy plugin or code snippets in .htaccess. It’s up to you, which option you choose. However, consider all the pros and cons of each solution. With Clearfy you may not see the result immediately. This happens if the page hasn’t been cached. However, it’s a fast and safe solution. Changing the code is risky; any errors in .htaccess can seriously damage your website. But you will definitely improve your coding skills. If you are interested in the website security, make sure to read How To Hide Authorization Errors.

Scroll to Top