Currently, I’m still struggling with CapCut to translate my videos into English using the AI-Video-Translator. Until then, only the texts will be available in English.
Normally, access to the WordPress backend is achieved by appending /wp-admin or /wp-login.php to the domain. Example: aleksandra.pictures/wp-admin
An attacker can easily determine if a website uses WordPress as a CMS and thus access the login page via /wp-admin. Since “admin” is the most common username, they can start guessing passwords.
The simplest and quickest measure to protect against such an attack is to change /wp-admin to a new, unique, and secret address. Example: from aleksandra.pictures/wp-admin to aleksandra.pictures/goodluckfindingthis
Steps to change the login URL:
- WordPress backend - Dashboard - Plugins - Add New - Search: “WPS Hide Login” - Install - Activate
- Dashboard - Settings - “WPS Hide Login” - Login URL: Enter new, unique, secret URL - Save (NOTE: Remember or write down the new URL!)
Avoid conflicts:
Dashboard - Settings - Discussions - Other Comment Settings - Uncheck “Users must be registered and logged in to comment”
Log out:
Top right - “Log Out”
Test:
- Previous login page: …/wp-admin - It should now display a 404 page.
- New login page: …/goodluckfindingthis (as entered earlier under “Settings - WPS … - Login URL”)