How to Find and Change Your WordPress Login URL
The WordPress admin dashboard contains everything you need to build, manage, and maintain your website. However, if you want to access this central hub, you’ll need to master the WordPress login page.
That’s why we’ve created this complete guide to the WordPress login URL. By familiarizing yourself with this crucial page, you’ll have no problems accessing the admin dashboard – even in the worst-case scenario where you forget your WordPress password or encounter login error messages.
In this post, we’ll discuss why the WordPress login page is so essential and how you can protect it against hackers. We’ll then look at some of the most common WordPress login problems and show you how to fix them. Let’s get started!
WordPress Login URL 101: An Introduction to the WordPress Login Page
The WordPress administration dashboard is your site’s central hub. Here you can create content such as blog posts and web pages. You can also perform essential maintenance tasks, including updating plugins and installing new versions of WordPress core:
If a hacker gained access to your dashboard, they could wreak havoc across your WordPress website. In the worst-case scenario, they might even delete your site entirely.
For this reason, WordPress protects the dashboard area with a login screen:
By default, you’ll need to enter your WordPress username and password to gain access to your administrative dashboard. Furthermore, some website owners choose to boost their login screen’s security using additional measures such as Two-Factor Authentication.
If you cannot access your site’s login area, it’s practically impossible to make changes to your site. You’re essentially demoted from website owner to web visitor.
How to Find the WordPress Login URL
If you haven’t modified the login URL, you can access this form by adding either “/login”, “/admin”, or “/wp-login.php” to the end of your site’s URL, like “www.mywebsite.com/wp-login.php”.
If you’ve installed WordPress on a subdomain (“blog.mywebsite.com/”) or a subdirectory (“www.mywebsite.com/wordpress/”), you’ll add the corresponding path to the end of your URL.
For example, you might type “www.mywebsite.com/wordpress/wp-login.php” or “blog.mywebsite.com/login”.
For added convenience, many hosting providers enable you to access the WordPress admin area directly from your hosting panel. For example, at WP Engine, we provide Seamless Login.
With Seamless Login, you don’t need to remember a separate set of credentials for each of your sites. Instead, you can simply log in to your WP Engine user portal and access each website’s admin dashboard with the click of a button.
To start, log in to your WP Engine User portal. You can then find the domain in question and click on its three-dotted icon. From here, select WP Admin:
You should now have access to the WordPress dashboard. Alternatively, you can click on the domain in question, which will open a screen containing information about this particular website. You can then select the WP Admin link at the top of the screen, which will take you to the corresponding admin dashboard.
How to Remember the WordPress Login URL
Once you’ve reached the login page, you may want to consider bookmarking it in your preferred browser. This ensures that your login form is only ever a click away:
The WordPress login page also features a Remember Me option. When selected, you’ll remain logged into the admin dashboard for 14 days or until you change your browser’s cookie settings.
This is a very convenient feature, but it means that everyone who has access to your browser can also reach the admin dashboard. For this reason, you should only activate Remember Me on a computer where you’re the sole user for the WordPress account. Alternatively, you can create a WordPress user login for other team members to have access to the website as registered users.
If you decide to use Remember Me, then by default, you’ll need to select this checkbox every time you access the login screen. WordPress will revert to manual login if you forget to enable this checkbox.
For this reason, you may want to install the Always Remember Me plugin:
This plugin will keep you logged in by default. After activating this plugin, navigate to Settings > Remember Me:
You can now make Remember Me the default login for all users or specific accounts only. You can also specify the maximum number of days that WordPress should keep the current user logged in.
How to Change Your WordPress Login URL
Security is a massive concern for most website owners. However, WordPress is a particularly attractive target for hackers. If an attacker manages to exploit a vulnerability in WordPress, they could potentially use the same attack against over 40 percent of the web.
With this in mind, it’s unsurprising that attacks against WordPress are on the rise. During the first six months of 2021, the Wordfence Web Application Firewall (WAF) blocked over 4 billion malicious requests.
There are various ways that hackers may try to break into your site. However, brute-force attacks are particularly worrying.
During one of these attacks, a hacker attempts to force their way into your dashboard using hundreds or thousands of known login details. Some attackers even use automated scripts to bombard your login form with WordPress password and username combinations. This approach means that hackers could potentially access your admin area without ever knowing your login credentials.
To make matters worse, anyone can access your WordPress login form simply by adding “/login”, “/admin”, or “/wp-login.php” to your domain name. To make life more difficult for hackers, we recommend changing your default URL to something that isn’t easy to guess.
WPS Hide Login is a simple plugin that enables you to create a custom login address:
This plugin is also compatible with several popular solutions. These include the BuddyPress plugin, WPS Limit Login, and Jetpack:
After activating WPS Hide Login, navigate to Settings > WPS Hide Login. Now, scroll to the bottom of this screen:
In the Login URL field, enter a new address. When protecting your site, longer and more complex URLs are better. If you’re concerned that you may struggle to remember your new URL, you can always bookmark it.
How to Restore the Default WordPress Login URL
A custom login URL can protect your admin area against hackers. However, you may need to restore the default login address at some point. For example, you might be handing the site over to a WordPress client who has requested you make this change.
If you have access to the WordPress dashboard, you can either deactivate the WPS Hide Login plugin or navigate to Settings > WPS Hide Login. You can then re-enter the default URL.
However, you may not always have access to the WordPress admin dashboard. For instance, perhaps you’ve forgotten your custom login URL.
If this occurs, then all is not lost. As long as you can connect to your server via File Transfer Protocol (FTP) using a client such as FileZilla, you can remove the WPS Hide Login plugin from your website. WordPress will then automatically revert to its default behavior. You’ll now be able to access your WordPress login form at the original address.
After connecting to your server over FTP, navigate to the wp-content/plugins folder:
You can now find the wps-hide-login folder and delete it. This action will remove the plugin, and you can once again access the login form at the default WordPress URL.
How to Fix the Most Common Problems With WordPress Login (2 Issues)
The login page is the gateway to your website. If you can’t access this page, you’re a website visitor rather than a site owner.
Since it’s such a vital page, you’ll want to resolve any login-related issues as quickly as possible. With that in mind, here’s how to fix the most common login problems.
1. Forgotten Password
WordPress may display the following error when attempting to log into your account: “The password you entered for the username X is incorrect”.
If you encounter this message, it’s always worth re-typing your password carefully. There’s a chance that something as simple as a typo may be causing this problem:
If this doesn’t fix the issue, you may have entered an incorrect password. In this scenario, you can click on the Lost your password link. This launches a screen where you can enter either your username or email address.
WordPress will then send a password reset email to the address associated with your account. You can open this message and follow the instructions to create a new password.
If you’re unable to reset your password using this method, you can change your login details using the phpMyAdmin tool. This method requires editing your database files, so we recommend creating a full backup before proceeding:
The way you access your phpMyAdmin tool varies between WordPress hosting providers. For example, WP Engine customers can log in to the user portal and select the domain in question. Then, click on the phpMyAdmin link:
This launches phpMyAdmin in a new tab. In the left-hand menu, select your database, followed by wp_users:
You can now find your user account and click on its accompanying Edit link. In the user)_pass column, enter a new password:
Next, open the accompanying dropdown and select MD5. To save your changes, click on Go. You can now head over to your login screen and put your new password to good use.
2. Cookies Blocked or Unsupported
Sometimes, you may encounter the following error after several login attempts to access your account: “Cookies are blocked or not supported by your browser”. WordPress’s login page requires cookies, so this problem typically means that cookies are disabled or not working correctly.
Resolving this issue may be as simple as refreshing your browser. If WordPress is still displaying an error message after performing this action, we recommend verifying that cookies are enabled in your browser.
This process will vary depending on your web browser. You may need to refer to the official documentation for more information.
For example, Apple has a complete guide to managing cookies in Safari. Alternatively, Google Chrome users can modify their settings by selecting the three-dotted icon in the upper-right corner:
Then, select Settings > Privacy and security > Site settings. Next, click on Cookies and site data:
You can now enable Allow all cookies if it wasn’t already activated. If you’re still struggling to log in after making this change, you can try clearing your browser cache. Once again, this process will vary, but Chrome users can click on the three-dotted icon and then select More tools > Clear Browsing Data.
If none of the above fixes work, you can try adding some code to your site’s wp-config.php file. After connecting to the server using an FTP client, navigate to your website’s root folder:
Now locate the wp-config.php file. Click on this file, and then select Open:
This will launch wp-config.php in your default text editor. Now, locate the following line:
/* That’s all, stop editing!…*/
Directly above this line, add the following code:
define(‘COOKIE_DOMAIN’, false);
You can now save your changes. Then, head over to your login page and check to see whether you can now access your account.
A Seamless WordPress Login Page Experience
You’ll have no issues accessing the WordPress login page URL and logging into your account most of the time. However, if you encounter problems with this page, you could lose admin access to your website forever.
We recommend changing your default WordPress login URL with a plugin like WPS Hide Login. Furthermore, WordPress has a user-friendly password reset system if you get locked out of your account. Alternatively, if WordPress is complaining about cookies, you can try clearing your browser’s cache.
When you encounter issues with your WordPress website, it helps to have an expert in your corner. At WP Engine, we offer 24x7x365 customer support. Whether it’s 2PM or 2AM, our team of WordPress specialists can be on-hand to resolve any issues you’re experiencing with the login page – and beyond.
