Title: Admin: Change Admin Login Path Last modified: August 23, 2021 --- # Admin: Change Admin Login Path * Resolved [themuttfactor](https://wordpress.org/support/users/themuttfactor/) * (@themuttfactor) * [4 years, 9 months ago](https://wordpress.org/support/topic/admin-change-admin-login-path/) * I have seen some plugins that change the path of the admin so that you can change your login from mysite.com/wp-admin to mysite.com/myadmin or whatever. * Why doesn’t WordFence offer this or is this not necessary? * Thanks, Lisa Viewing 2 replies - 1 through 2 (of 2 total) * [WFSupport](https://wordpress.org/support/users/wfsupport/) * (@wfsupport) * [4 years, 9 months ago](https://wordpress.org/support/topic/admin-change-admin-login-path/#post-14798928) * Thanks for reaching out. I’ll be happy to explain. * Changing the login URL is a feature we do not include in Wordfence. Though it is something that many people swear by and can help a little in certain situations it’s ultimately not very beneficial. These are the reasons why: * 1. **Changing WordPress URLs involves a risk of breaking functionality of WordPress themes and plugins.** For example, WordPress JavaScript XMLHttpRequest object( AJAX) functions are triggered via admin-ajax.php which is located in wp-admin folder. Changing /wp-admin is a URL but it is also a folder path. We have seen plugins that change the admin URL break this functionality unintentionally, but it causes confusion as to what happened, what went wrong, and what was to blame.. * 2. **Changing the URL makes us _feel_ more secure but it does not actually make the site more secure. ** It is what many security analysts refer to as “security through obscurity”. It’s like boarding up the front door of your home to protect yourself against a burglary. Someone looking for a quick break in may be deterred, but any seasoned thief is just going to go look for another door or window to get in. Any serious attacker can and will anticipate this and look for other ways in too. * 3. **Over half of all login attempts that are made on WordPress sites are made via xmlrpc.php. ** Those will not be stopped by changing your admin URL. Our Wordfence Login Security and Wordfence plugins offer the option to block XMLRPC or at least require 2FA with authentication requests using XMLRPC on the Login Security > Settings page. * Additionally, if you change the wp-admin or wp-login URLs you also lose visibility on who is attempting to log in to your site and when they are doing it since we’re not looking for logins on a random URL that you created. * What we recommend as a basic means of reducing login attempts is to use Country Blocking (available in the Premium Wordfence plugin only) to restrict access to your login only to countries that you are yourself going to log in from. This will make login via wp-login.php and xmlrpc.php only available from your country. Or by using the Brute Force Protection settings and by blocking XMLRPC like I mentioned before. Also using the 2FA functionality **we give you for free** in Wordfence and Wordfence Login Security will greatly reduce the risk of a compromise. * I hope my answer helps you understand our position on this. * Tim * Thread Starter [themuttfactor](https://wordpress.org/support/users/themuttfactor/) * (@themuttfactor) * [4 years, 9 months ago](https://wordpress.org/support/topic/admin-change-admin-login-path/#post-14800976) * Tim, * THANK you very kindly for your detailed response. I’ve been reading up on this topic and people do insist that you change the admin URL, however when I didn’t see this option in WordFence, I became curious as to why. * And thanks for explaining the country blocking – it’s a feature that seems well worth it. * Finally, thanks for making a free version of this available. I do plan on the upgrade to Pro. * Lisa Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Admin: Change Admin Login Path’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) * 2 replies * 2 participants * Last reply from: [themuttfactor](https://wordpress.org/support/users/themuttfactor/) * Last activity: [4 years, 9 months ago](https://wordpress.org/support/topic/admin-change-admin-login-path/#post-14800976) * Status: resolved