trik wordpress >> 3 safe steps to change the URL wp-admin folder

credit for http://www.dalih.net/

cange wp-admin URL

One important step to secure your website with wordpress platform is improve security of your admin page. Almost all wordpess administrators know that file system of wordpress contain wp-admin folder. But, did you ever think your website are not safe? (website in this topic is the wordpress CMS). One disadvantage of wordpress is almost all the wordpress administrator knows the name of wp-admin folder. If there is naughty someone (hacker) wants enter into a wordpress admin pages, definitely the main target is the wp-admin folder. But what would happen if the URL of the wp-admin folder, renamed with another name? Say replaced with name ‘secret-folder’. This will cause the hackers find it hard to get into the admin page of your website.

But how to change the URL of the wp-admin folder ?. You can not directly change the name of wp-admin folder, because it will cause the wordpress system is broken.

Below are 3 safe steps to change the URL of the wp-admin folder:

Step 1, Changing the contents of the .htaccess file

The .htaccess file is a configuration file that resides in a directory and indicates which users or groups of users can be allowed access to the files contained in that directory. And with .htaccess file we can create  mirror urls of the original url. Now, go to the file manager of your website and find the .htaccess file in the root folder of your website.

Then add the following code above the code # BEGIN WordPress.

1 2 3 4 5 6

#BEGIN create a mirror of wp-admin folder RewriteEngine on RewriteBase / # Creating a mirror URL of wp-admin folder RewriteRule ^secret-folder/(.*) wp-admin/$1?%{QUERY_STRING} [L] #END create a mirror of wp-admin folder

You must replace the ‘secret-folder‘ word with another name you want. Do not use this word, because this is just an example.

Step 2, Changing constants  ADMIN_COOKIE_PATH

If you just do the first step and without changing the constants ADMIN_COOKIE_PATH, you would just change the URL of the wp-admin folder but you will never succeed to login and get into the admin page. This happens because Constanta ADMIN_COOKIE_PATH still contains the (SITECOOKIEPATH. ‘Wp-admin’). To change it find the file ‘default-constants.php’ in / wp-includes/default-constants.php. Use a file editor to change the contents.
Find the following code:

1 2	if ( !defined('ADMIN_COOKIE_PATH') ) define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'wp-admin' );

then replace the word ‘wp-admin‘ to ‘secret-folder‘ or to your liking (the word must be same with the word in the .htaccess file).
so it becomes:

1 2	if ( !defined('ADMIN_COOKIE_PATH') ) define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'secret-folder' );

Step 3, Add filter site_url to change all the wp-admin link in the frontpage or the admin page.

Important! If you not do this then all the links to the wp-admin folder will be rejected and redirected to the login page. For example the edit link to post and edit comments no longer works again. So this is an important step.
Now, open the functions.php on the current theme. Add the following code:

1 2 3 4 5 6

add_filter('site_url', 'wpadmin_filter', 10, 3); function wpadmin_filter( $url, $path, $orig_scheme ) { $old = array( "/(wp-admin)/"); $new = array( "secret-folder"); return preg_replace( $old, $new, $url, 1); }

Save and close all files. Finish. Now you can enter to your admin page with new URL ‘http://www.yourdomain.com/secret-folder/’  .
My advice is you must be careful in changing content of .htaccess file. If there are errors you will get server errors. For that you must be do it correctly