Renaming wp-admin without hard-coding it. Is it really possible?

For a fully-working solution, you will need to modify certain hard-coded urls in core files, which is not fun to have to do each time WP is upgraded.

One easier option is to protect the wp-admin folder with an .htaccess file. You could basically deny all IP addresses and whitelist the few IP’s that you or your editors might use. You could also use HTTP AUTH to add another layer of password protection. It will prevent unauthenticated users from viewing the wp-login page.

And regarding renaming your folder, I’m not sure that it will really make your site more secure. For example, if you use any AJAX plugins, a hacker will know your admin folder location right away! And there are other simple ways to determine it as well…

Related Posts:

  1. Can I rename the wp-admin folder?
  2. What is the best method to close off the backend?
  3. Change Login URL Without Plugin
  4. Share same domain for wp-admin but for different website
  5. Securing wp-admin folder – Purpose? Importance?
  6. Can I rename the wp-admin folder?
  7. Options for restricting access to wp-admin
  8. How to change “wp-admin” to something else without search-replacing the core?
  9. Block access to wp-admin
  10. Change WP-Login or WP-Admin
  11. Should I add the IP of the server that hosts my sites to the list of authorized IPs in the wp-admin/.htaccess?
  12. FORCE_SSL_ADMIN not working
  13. Limit access to wp_admin
  14. I want to disable login of admin (/wp-admin) with email and make it accessible only with username
  15. password reset link being sent as HTTP?
  16. How to Change The WordPress Login URL Without Plugin
  17. 404 redirect wp-login and wp-admin after changing login url [closed]
  18. Logout USER form backoffice after 30 minutes of inactivity [closed]
  19. Do I have to face security problems if I changing default role to Contributor
  20. Hide username discovery
  21. Efficient way to check local WordPress php files and Database for malicious code? [duplicate]
  22. Need help for WordPress User Session Management?
  23. Developer/Designer asking for admin access
  24. Is WordPress secure enough for a multi-user article directory?
  25. Can I rename the wp-admin folder?
  26. CSRF attack to create USER
  27. Can I rename the wp-admin folder?
  28. Why WordPress not logout after I have close my browser?
  29. How to protect wp-admin from third party access?
  30. Couple questions about .htaccess, login page, updates
  31. is exposed wp-admin site a serious security vulnerability
  32. How to restrict dashboard access to Admins only?
  33. How to remove screen options and help links in the admin area?
  34. I’m getting a 404 message when I try to access wpadmin
  35. wordpress wp-admin css not loading
  36. Check if user is admin by user ID
  37. Highlight custom widgets in the admin area?
  38. wp-admin produces a 302 redirect to itself
  39. create users to site with specific language
  40. Hide a page in the admin end without a plugin?
  41. Restrict access to admin but allow admin_post hook
  42. How to set custom editor style when editing the homepage?
  43. How to disable or hide “collapse menu”
  44. Login to wp-admin “redirect_to” points to wrong URL after migration
  45. TinyMCE Autoresize
  46. WordPress wp-admin suddenly lost its style
  47. After changing Site url to https, can’t access login page
  48. Add custom content in user-edit.php page
  49. How to use Yoast SEO backend in english even if WPLANG variable is not english?
  50. How can I add my script to admin using script-loader.php?
  51. Admin first hook that outputs HTML?
  52. To remove default dashboard items and add quick draft widget for custom post type
  53. Why am I unable to login after converting to www?
  54. why my menu is not appearing on the admin panel
  55. Can’t access WordPress as an admin – but I can log in as a user!
  56. How to create a WP Admin user in phpMyAdmin for WordPress 4.6
  57. How do I host WordPress on a hidden domain through a reverse proxy?
  58. Add javascript confirmation popup on “Move to Trash” link
  59. Users disappeared from wp-admin
  60. 404 error comes up when I go to wp-admin after first installation [closed]
  61. Is there a quick way to find out what posts haven’t been tagged?
  62. WordPress (behind HAProxy and Jetty), not multisite, in sub folder – and /en/wp-admin/ keeps redirecting to /wp-admin/
  63. Created a new subdomain with same content. Should I add a redirect in my old subdomain?
  64. WordPress isn’t reflecting changes I make to a specific file via FTP [closed]
  65. What are the requirements to make the admin toolbar show up on the front end
  66. Sorry, you are not allowed to access this page
  67. Screen Options & Help Buttons not working when including Bootstrap Css
  68. edit.php alter links
  69. Cannot access WordPress login pages
  70. How to get Role Subscribe Users on Admin Menu only in Pages in WordPress
  71. Custom Admin Pagination links
  72. Have different site location for wp-admin in IIS
  73. Lost administrator privileges and can’t find a fix
  74. Why does do_robots() Allow: /wp-admin/admin-ajax.php by default?
  75. What is the meaning or function of this notice?
  76. How to set where user is redirected to after logging in at wp-login?
  77. How to Find The Email of a WP Admin Account
  78. how can I change the font on Edit Post area (admin dashboard)
  79. External HTTP API calls slowing down WordPress admin [closed]
  80. Why is my ‘export’ option missing?
  81. jQuery UI Datepicker error
  82. Can’t connect to WP-Admin, blank error message
  83. 404 errors when updating options in admin dashboard
  84. WordPress /wp-admin redirect to wrong port in docker
  85. Enable Excerpt field inside the post editor for pages
  86. Failed to load resource: the server responded with a status of 500 (Internal Server Error)
  87. Strange Popup Ad on my WordPress Admin Dashboard
  88. WordPress switch domains
  89. Trying to list user and post information from (wp_includes/post.php ) causes Fatal error
  90. Get Post ID in Admin Edit screen otherwise generate it?
  91. Cannot login in WordPress even after changing hash password in phpmyadmin
  92. Can’t log into WordPress after domain change
  93. Trying to use and understand JSON API and get_posts
  94. How can visitors redirect wp-admin to the homepage?
  95. Creating your own options-general.php page
  96. I want to know if it’s good for SEO [closed]
  97. My website’s wp-admin redirects to another website’s wp-admin after pointing the site url to a subdirectiory
  98. Redirecting the user to the admin table area after publishing a post, getting an invalid response error?
  99. How can you change the admin dashboard URL without symlinking?
  100. Degraded WordPress admin dashboard performance [closed]