Renaming wp-admin without hard-coding it. Is it really possible?

For a fully-working solution, you will need to modify certain hard-coded urls in core files, which is not fun to have to do each time WP is upgraded.

One easier option is to protect the wp-admin folder with an .htaccess file. You could basically deny all IP addresses and whitelist the few IP’s that you or your editors might use. You could also use HTTP AUTH to add another layer of password protection. It will prevent unauthenticated users from viewing the wp-login page.

And regarding renaming your folder, I’m not sure that it will really make your site more secure. For example, if you use any AJAX plugins, a hacker will know your admin folder location right away! And there are other simple ways to determine it as well…

Related Posts:

  1. Can I rename the wp-admin folder?
  2. What is the best method to close off the backend?
  3. Change Login URL Without Plugin
  4. Share same domain for wp-admin but for different website
  5. Securing wp-admin folder – Purpose? Importance?
  6. Can I rename the wp-admin folder?
  7. Options for restricting access to wp-admin
  8. How to change “wp-admin” to something else without search-replacing the core?
  9. Block access to wp-admin
  10. Change WP-Login or WP-Admin
  11. Should I add the IP of the server that hosts my sites to the list of authorized IPs in the wp-admin/.htaccess?
  12. FORCE_SSL_ADMIN not working
  13. Limit access to wp_admin
  14. I want to disable login of admin (/wp-admin) with email and make it accessible only with username
  15. password reset link being sent as HTTP?
  16. How to Change The WordPress Login URL Without Plugin
  17. 404 redirect wp-login and wp-admin after changing login url [closed]
  18. Logout USER form backoffice after 30 minutes of inactivity [closed]
  19. Do I have to face security problems if I changing default role to Contributor
  20. Hide username discovery
  21. Efficient way to check local WordPress php files and Database for malicious code? [duplicate]
  22. Need help for WordPress User Session Management?
  23. Developer/Designer asking for admin access
  24. Is WordPress secure enough for a multi-user article directory?
  25. Can I rename the wp-admin folder?
  26. CSRF attack to create USER
  27. Can I rename the wp-admin folder?
  28. Why WordPress not logout after I have close my browser?
  29. How to protect wp-admin from third party access?
  30. Couple questions about .htaccess, login page, updates
  31. is exposed wp-admin site a serious security vulnerability
  32. Can a user submit requests to wp-admin/admin.php without logging in?
  33. How to restrict dashboard access to Admins only?
  34. How to disable the “Post Lock/Edit Lock”?
  35. How can I control the position in the admin menu of items added by plugins?
  36. Check if user is admin by user ID
  37. Unable to login to my wordpress site. reauth=1 redirection loop
  38. Highlight custom widgets in the admin area?
  39. Can I add custom attributes while adding inline scripts?
  40. create users to site with specific language
  41. Hide a page in the admin end without a plugin?
  42. Prevent from deleting any user role but subscriber
  43. Disable sticky posts feature
  44. Hide username from users list
  45. Remove HTTP: from the site URL and just keep // in it
  46. Prevent Admin gui output from page added using add_submenu_page
  47. wp-admin blank in a clean install of WordPress on PHP 5.4 [closed]
  48. How to use Yoast SEO backend in english even if WPLANG variable is not english?
  49. Admin first hook that outputs HTML?
  50. WP Database Error (Windows Server 2008 & SQL Server)
  51. wp-admin edit user url wont show up correct url [closed]
  52. Which HTTP headers to use for subdomain embedding?
  53. To remove default dashboard items and add quick draft widget for custom post type
  54. Can enter wp-admin when logged in with custom ajax
  55. lock meta box position on post edit screen for contributors
  56. map_meta_cap was called incorrectly error?
  57. How do I host WordPress on a hidden domain through a reverse proxy?
  58. Clicking On View Post In Draft Opens New Tab
  59. How to set admin login page as home page
  60. Users disappeared from wp-admin
  61. Created a new subdomain with same content. Should I add a redirect in my old subdomain?
  62. Placing a custom Control element in an existing block InspectorControls panel
  63. What are the requirements to make the admin toolbar show up on the front end
  64. Sorry, you are not allowed to access this page
  65. wp-admin folder removed by hacker [closed]
  66. Cookie Domain is preventing Admin login
  67. How to use the built in tooltip for form validation error messages in WP admin plugin?
  68. _wpnonce blank screen
  69. Register page in admin area
  70. Removing Dashboard Menu Items Through The Database
  71. “WordPress installations is currently out of date” problem with difficult situation [closed]
  72. Cannot redeclare wp_update_core()
  73. Remove WP Admin Menu Items by User Role
  74. Our Team not showing on website [closed]
  75. Get current session in WP admin
  76. Strange problem with HIdden Input field and WPAlchemy
  77. How to remove the Login Customizer menu from the WordPress dashboard
  78. How to add a field on the user creation page?
  79. How to check if a user is in a specific role?
  80. Login redirect_to url is pointing to a url with the port
  81. data-vocabulary.org schema
  82. Unable to access my page or WP Admin
  83. How to move “Collapse Menu” to top of admin bar?
  84. I cannot get the “Read More” button to work!
  85. Show comments in Backend
  86. Child theme loses wp-admin styling
  87. Conditions for admin get_current_screen action parent_file edit.php?post_type=page
  88. Admin section showing CUSTOM Permalink structure thus resulting in permission error [closed]
  89. Hook into backbone to add js to wp-admin -> media library?
  90. Weird admin area
  91. Renaming child-theme folder fixed wp-admin blank
  92. Unable to access dashboard (wp-admin) only
  93. is_admin() conditional statement
  94. Admin Login page not working at all
  95. Non Object Notice Error – How to fix please
  96. wha does the following function remove from wordpress users admin area? [closed]
  97. Why when I click on a link into the WP admin panel I am redirected to a link that doesn’t contains wp-admin prefix, so I obtain 404 error
  98. How to make the Panel // WP-Admin lighter via Mobile
  99. React Material UI and WordPress Admin Area
  100. WordPress Add/Edit Post right admin sidebar change title