↑ Return to P30 Plugins for URL

PRIV P38 WP Backend Slug

Page no: P38
Video and Pics

Plugin Hide WP Backend Slug

I am very often on snbchf site during work. But they log all websites and IP addresses and see my internet traffic. Moreover, they block certain sites.

So when I am too often on one site they might wonder what I do, when they look at the logs. Therefore we will also change the URL for our Atlassian site at the end of this month (and we moved most content already)

All sites snbchf, ecoblogs and e-llusion are not blocked.


– use economicblogs.org,

: The same I am often there
– use doc.e-llusion.org
: Just realized now: No SSL, they can read my password.


It makes sense to use three different sites.
E-llusion is one option of becoming the international brand and site (apart from promote author). A good company also needs SSL.


I don’t think it is matter which is the exactly subdomain or domain of our doc site. SSL is not required, too. We have password protection and it is only for our usage. If you have problem with the bank, I think we should change it once a 3 month. So we do not need to pay always for new ssl. We have a lot of domains and we can just change domain and redirect old links to the new ones.

Doc site





Hide the WordPress Backend, so that it cannot be hacked.

Very often it is forbidden to blog. It is not allowed to use internet too much. In order to protect the company, many employers block private email address.

Similarly to email providers, blog sites are particularly interesting because they also allow to upload company or client data. Administrators of the work infrastructure have the possibility to examine all content and all URLs, the whole history of internet activity.


Here we will show a proper way to change the whole admin url. In additional we use brute force protection and another login url. So currently we have a custom login url page and custom admin url.

Solution Overview

The problem is three-fold

  1. Bloggers should use HTTPS in order to prevent that the administrators can see his content and his password
  2. The standard login page should be moved. The example below shows how the WP Security plugin hides the login page.
  3. Hide a part of the URL that is typical for bloggers. This is the  “/wp-admin”


Hidden Login

Case 2: Hidden Login with All in One WP Security

Solution Details

Step 1) Change the wp-config

First we need to change the wp-config adding two new lines of code:

define(‘WP_ADMIN_DIR’, ‘niko2’);


The first link tells that the admin dir is changed and the new is niko2 in our example. The second line of code tells the WP to change the path for the cookies.

Add new URLs into WP-Config

Add new URLs into WP-Config

Step 2) Adding filter in functions.php of the template

After that we need to change the Admin URL into the front-end URLs too. This must be done by functions.php into the template (or the child template). It also can be done creating a new plugin.



    add_filter(‘site_url’,  ‘wpadmin_filter’, 10, 3);

function wpadmin_filter( $url, $path, $orig_scheme ) {
$old  = array( “/(wp-admin)/”);
$admin_dir = WP_ADMIN_DIR;
$new  = array($admin_dir);
return preg_replace( $old, $new, $url, 1);

In our case we should put that code under themes/sahifa-child or themes/graphene-child. Here the code is standard and we don’t need to change anything like in Step 1)

Making a changes in functions.php

Making a changes in functions.php

Step 3) Making the url rewrite on the server

The last step is to make the server rewrite url via .htaccess. It is simple and can be done with this code.

RewriteRule ^niko2/(.*) wp-admin/$1?%{QUERY_STRING} [L]

Here we must to change niko2 to what we want. This code must be put on the top of the htaccess file.

Changes in htaccess

Changes in htaccess

Additional integration

We use this hack above and integrate it into WP Security and now both of them are working. The login URL is the same – niko, but after that we don’t redirect to wp-admin, we redirect to niko2. All the urls and queries are via niko2 and not wp-admin. I think there is no chance to recognized that it is wp-admin. The brute force and Ip protections are still working.



Bug hidden-backend, need more text

Step1: I log in



Step3: Choosing page stats leads to 404Step 3

Instead I must manually modify the URL
into: https://snbchf.com/wp-login.php?redirect_to=https%3A%2F%2Fsnbchf.com%2Fniko %2Fadmin.php%3Fpage%3Dstats&reauth=1


Step 4: I choose the post in the stats, that I want to modify:



Step5, bug: When I press “edit”, the slug /wp-admin is used.Step 5

I can modify the URL and override /wp-admin with /niko.
So I use the URL https://snbchf.com/wp-login.php?redirect_to=https%3A%2F%2Fsnbchf.com%2Fniko %2Fpost.php%3Fpost%3D10706%26action%3Dedit&reauth=1

But this does not work: When I press update then again the /wp-admin URL appears.


Step 5a


Alternative step 5b: I want to edit the Tablepress table and press “edit” for a table.


Step 5b



Step2: I arrive in the WordPress dashboard.

Step 2
Step6: Again the slug /wp-admin is displayed.


Step 6b


Tags: ,

See more for P3x Plugins for URL