/ Plugin Category

/ Security & Privacy

/ Security Scanning & Malware Protection

/ WPS Hide Login

WPS Hide Login

By Remy Perona

Security & Privacy / Security Scanning & Malware Protection

WPS Hide Login Review - In-Depth Analysis

Easily change the URL of your WordPress login page to enhance security.

Performance Overview

WPS Score

7.49/10

User Rating

4.8/5 (based on 2107+ reviews)

Active Installations

2,000,000+

Update Frequency

Average It is calculated using the weighted average of same category plugins.

Security Score

1 / 10 (Very Low Risk) It is calculated using the weighted average of all versions.

What It Does

The WPS Hide Login plugin allows you to change the default login URL of your WordPress site to anything you want. This enhances security by making it harder for unauthorized users to access the login page. It does not modify core files or add rewrite rules, ensuring a smooth operation.

When activated, the wp-admin directory and wp-login.php page become inaccessible. Remember to bookmark or note the new login URL. Deactivating the plugin restores the original login functionality.

This plugin is compatible with multisite installations, allowing individual sites to rename their login pages as needed. It works seamlessly with various plugins that interact with the login form, ensuring a reliable user experience.

Comparing to Alternatives

WPS Hide Login is a straightforward plugin designed to change the default WordPress login URL, enhancing security by obscurity. It competes with similar plugins that offer login URL customization with varying features and reliability.

Top alternatives

LWS Hide Login ( WPS: 6.69)
Easy Hide Login ( WPS: 6.82)
SP Move Login ( WPS: 6.8)

Strengths

Simple and lightweight with minimal configuration needed.
Effectively hides the default login URL to reduce bot attacks.
No impact on site performance due to its minimal code footprint.
Compatible with most themes and plugins as it only changes the login URL.

Weaknesses

Does not block login attempts via xml-rpc, leaving a potential security gap.
No built-in recovery option if the custom login URL is forgotten or misconfigured.
Lacks advanced security features like two-factor authentication or IP blocking.
Some users report issues with site redirects and login accessibility after activation.

User Sentiment Analysis

User feedback highlights the plugin's ease of use and effectiveness in reducing bot login attempts, but also points out critical issues affecting site access and functionality.

Positive highlights

"Easy plugin that should be on a starter pack to hide your login from bots." - Jason Ball
"I installed this plug-in, changed my custom url path, and voila! Not a single hack!" - stephgphotos
"Before using this plug-in, my WordPress was getting hit every day with multiple attempted logins." - Jon Guild
"Works great to reduce login attempts significantly." - davidperezh
"Light and easy to use." - Jason Ball

Common complaints

Custom login URL sometimes redirects to 404 errors, locking users out.
Plugin can cause issues with logging out, leaving admin sessions active.
Some users experience site crashes or inability to access admin after activation.
Still occasional login attempts occur due to xml-rpc bypass.

Weaknesses

No protection against xml-rpc login attempts, which can be exploited.
Lack of support for recovery if the custom login URL is forgotten.
Compatibility issues with certain themes or page builders reported.
No advanced security features beyond hiding the login URL.

Who Should Use This?

Best for

Users looking for a simple, lightweight solution to obscure their WordPress login URL and reduce automated login attempts without needing advanced security features.

Not ideal for

Sites requiring comprehensive login security, including protection against xml-rpc attacks, or users who are not comfortable troubleshooting potential login access issues.

Pricing & Value

Free version includes

The free version offers the core functionality of changing the WordPress login URL to a custom path, effectively hiding the default login page from bots and automated attacks.

Final Verdict

WPS Hide Login is a straightforward and lightweight plugin that effectively changes the login URL to reduce bot attacks and enhance security by obscurity. It is easy to use and compatible with most setups, making it a good choice for users seeking a simple solution.

However, it lacks advanced security features and has reported issues with login accessibility and xml-rpc bypasses. Users should be cautious and have recovery plans in place before relying solely on this plugin for login security.

Other Notable Features

Here are a few other notable features of this free WPS Hide Login plugin.

Custom Login Url

Rename

Screenshots

FAQ

Either go to your MySQL database and look for the value of whl_page in the options table, or remove the wps-hide-login folder from your plugins folder, log in through wp-login.php and reinstall the plugin.

On a multisite install the whl_page option will be in the sitemeta table, if there is no such option in the options table.