Skip to content
Read For Learn
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP
Read For Learn
  • Database
    • Oracle
    • SQL
  • C
  • C++
  • Java
  • Java Script
  • jQuery
  • PHP

using rewrites to secure login page

You can instruct IIS to provide to wp-login a redirect_to parameter towards wp-admin/; this will do the trick:

<rule name="login" patternSyntax="ECMAScript">
     <match url="^loginUrl/?" />
     <action type="Rewrite" url="wp-login.php?redirect_to={UrlEncode:http://{HTTP_HOST}/wp-admin/}" />
</rule>

By the way, thanks for posting this question, it’s helping me to understand better the working of redirects and rewrites in IIS. I found this reference useful: String functions in IIS Rewrite Module

Related Posts:

  1. Does deleting the table users prevent all logins?
  2. wp_verify_nonce vs check_admin_referer
  3. How does admin-ajax.php work?
  4. How to Change the Default Home Page for the WordPress Dashboard?
  5. Securing Admin Accounts – Username Discovery
  6. Cannot access admin panel
  7. Daily notices of failed login attempts for non-existent admin user
  8. Setting Login with User Name and Password default option for Jetpack Admin Login
  9. I keep getting logged out in Firefox
  10. Change WP-Login or WP-Admin
  11. Error thrown. Cannot create references to/from string offsets
  12. Assuming a theme is properly secured, how save is the WordPress admin?
  13. How to determine if an admin is logged in outside the loop
  14. Don’t attribute content to admin users
  15. I want to disable login of admin (/wp-admin) with email and make it accessible only with username
  16. Unable to login, old site with previous developer gone
  17. Using shared SSL for login/admin
  18. wp-login behind nginx reverse-proxy inaccessible — bad redirect?
  19. Can’t access dashboard as administrator, login as any other level works though
  20. WordPress ACL (folder + permissions)
  21. WordPress Admin Login Redirect Problem
  22. Unable to Access WP Admin or Login buttons after Migration
  23. Client system for media review?
  24. WordPress administration Over SSL – To Force SSL Logins and SSL Admin Access
  25. Keep Logged in Users out of Admin Panel
  26. Unable to get to the admin panel
  27. I can’t access the login panel on my offline website
  28. How do I diagnose a plugin resource 404?
  29. WordPress Brute Force Prevention
  30. Admin login not working
  31. Changing admin user id for database
  32. WordPress custom admin functions security
  33. Can’t login to my admin area
  34. Locked out of WordPress website from wrong amount of login attempts
  35. current_user_can(‘administrator’) not working in custom login
  36. Send admin to a different login than users?
  37. Want to know who is login Admin/User
  38. Remove iPhone detection on login page
  39. Any known plugins for master admin login to edit all on front end?
  40. Why does my admin email address keep changing to something random?
  41. Login to admin by frontend form?
  42. Error “Sorry, you are not allowed to access this page”
  43. I can’t access login page
  44. Where to store publicly-accessible files
  45. Admins loggin in to our wordpress site default to the admin page
  46. WordPress login not working
  47. Login to Admin Dashboard Problem
  48. WordPress login process is hanging
  49. WordPress “Hide WP” Gives Me Error After Admin Login [closed]
  50. Scripts are not called until I login from wordpress backend
  51. Disable wp-admin log on lightbox overlay
  52. How to cancel redirection to admin side
  53. Can’t access my wp admin: captcha images invisible, gives me error message
  54. 2FA for admin login only, is it doable?
  55. Unknown phantom user “wordpress” created with admin privileges
  56. How to Fix ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY in IIS on Windows Server 2016
  57. What are the standard admin CSS id/class tags?
  58. Admin Ajax is returning 0
  59. Add custom column to Users admin panel
  60. What’s the easiest way to stop WP from ever logging me out
  61. Is there any way to rename or hide wp-login.php?
  62. Add a Separator to the Admin Menu?
  63. How to determine whether we are in add New page/post/CPT or in edit page/post/CPT in wordpress admin?
  64. how to know if admin is in edit page or post [duplicate]
  65. Increase of failed login attempts, brute force attacks? [closed]
  66. Modal window from within WordPress admin
  67. Where in WP can I check history or log of updates of plugins etc?
  68. Adding a custom admin page
  69. How to remove entire admin menu?
  70. How do I remove dashboard access from specific user roles?
  71. How can I speed up my WP admin section?
  72. How to pass parameters to admin_notices?
  73. Admin: very slow edit page caused by core meta query
  74. if admin is logged in
  75. Search posts by ID in admin
  76. Setting admin edit panels & metaboxes positions and visibility for ALL users and admins
  77. Find out which moderator approved comment?
  78. The website cannot display the page
  79. How To Remove WordPress Version From The Admin Footer
  80. Sort pages in loop by admin’s page attributes order field?
  81. Edit “thank you for creating with WordPress” in version 3.3.1
  82. Hide other users’ posts in admin panel
  83. Set Default Admin Colour For All Users
  84. Editor Styles and Typekit
  85. WordPress admin stylesheet
  86. This CSS Stuffing Works, But Is This A Good Practice?
  87. Is it possible to create a WordPress tour? V3.3.1
  88. is_admin() returns true when using admin-ajax.php from front end script
  89. How to save dismissable notice state in WP 4.2?
  90. How do I optimize a custom post type admin page with 25,000 posts?
  91. Settings API – adding setting fields dynamically?
  92. Disable Media Uploads to non Admin Users
  93. How do I load a CSS style into WordPress admin area only?
  94. Allowing admin-ajax.php to receive “application/json” instead of “x-www-form-urlencoded”
  95. Can an admin check passwords of registered users?
  96. How can I target WordPress 3.8 new interface MP6 with CSS?
  97. Notification that the admin is online
  98. Can someone explain what wp_session_tokens are, and what are they used for?
  99. Does wordpress create activity, update logs?
  100. sort child pages on admin
Categories admin Tags admin, iis, login, security
404 error using Meta for Permalink rewrite
Get a row from a separate table by matching a posts meta_key to a tables ID column

Recommended Hostings

Cloudways: Realize Your Website's Potential With Flexible & Affordable Hosting. 24/7/365 Support, Managed Security, Automated Backups, and 24/7 Real-time Monitoring.

FastComet: Fast SSD Hosting, Free Migration, Hack-Free Security, 24/7 Super Fast Support, 45 Day Money Back Guarantee.

Recent Added Topics

  • Bug in translation system: load_theme_textdomain() returns true, files are available and accessible but the language defaults to english
  • Custom Elementor controls not appearing in the widget Advanced tab using injection hooks
  • Get the name of the template/*html file used
  • Trying to Add Paging to Single Post Page
  • Sharing media files between live and staging servers
  • How to display the description of a custom post type in the dashboard?
  • Critical error on image display
  • Copying WP data and files into new install?
  • How to determine the DirectAdmin WordPress backup date?
  • How to get list of ALL tables in the database?
© 2026 Read For Learn
  • Database
    • Oracle
    • SQL
  • algorithm
  • asp.net
  • assembly
  • binary
  • c#
  • Git
  • hex
  • HTML
  • iOS
  • language angnostic
  • math
  • matlab
  • Tips & Trick
  • Tools
  • windows
  • C
  • C++
  • Java
  • javascript
  • Python
  • R
  • Java Script
  • jQuery
  • PHP
  • WordPress