login url: change from mysite.com/wp/wp-admin to mysite.com/wp-admin

  • Since my question is about something I’ve done
    that seems to be working properly, but I want to
    know if I’ve compromised my site security by doing it,
    in the following, I’ve changed my site and subfolder names
    to make my question easier to understand

    1. I’ve installed my wp site into a subfolder at www/wp

    2. I then followed the instructions in the codex
    at codex.www.ads-software.com/Giving_WordPress_Its_Own_Directory

    3. Everything works as it is supposed to
    My site is accessible at https://mysite.com
    My login screen is accessible at https://mysite.com/wp/wp-admin
    So far… so good

    4. Because I wanted to be able to login from https://mysite.com/wp-admin
    (in the usual way), I created a subfolder in the root.
    It’s called wp-admin ( it’s at www/wp-admin )

    5. So now, I have www/wp/all_my_wordpress_stuff
    and I also have www/wp-admin

    6. Into www/wp-admin, I put an index.php file that
    contains only the following php code:

    ` <?php
    require_once( ‘../wp/wp-admin/index.php’ );`

    7. Now I can login from https://mysite.com/wp-admin in the usual way

    8. My Question: Is there a downside to this.
    Do I risk scrambling any wordpress files?
    Will I compromise the security of my site by doing this?

Viewing 6 replies - 1 through 6 (of 6 total)

  • Why don’t you just fix the problem instead of treating the symptom?

    Backup and download your site. Then use something like UpdraftPlus (or comparable) and re-install your website in the root folder of the domain name.

    Also, you might be able to just change the domain names root directory to the wp folder.

    • This reply was modified 8 years, 4 months ago by agentmoller001. Reason: Added more content
    • This reply was modified 8 years, 4 months ago by agentmoller001. Reason: Edited with better solution
    Thread Starter derajderaj

    (@derajderaj)

    Hi agentmoller001,

    I guess that I wasn’t clear in my original post: I need to have wp in a subfolder because later on there will be a few more subfolders with different installations of WP in them. I want to be able to switch between them easily on a seasonal basis. With my current setup I’m not having any problems. I needed to have a simple way (without having to remember the name of each seasonal subfolder) of logging in. I wanted to make it easy for my office staff too.

    With the solution I’ve found, I’ll just have to change a few lines of code four times per year… by doing so, the admin url will remain the same all year long.

    My question is only about the safety of solving the problem of the admin url the way I did.
    Before asking this question I searched google and the forums for a method of accomplishing what I’ve done with my ‘fake wp-admin’ subfolder but I couldn’t find any instructions for doing it. Now that I’ve figured out a way, I want to know if the method is safe and secure.

    Thanks for posting,
    Deraj

    Gotcha. I understand your question, but I don’t know the answer.

    Safe Alternative –
    Why not just create an alias, symlink, or CNAME (login1.yourdomain.com, login2.yourdomain.com, etc.) and map it to the appropriate files/folders? The you wont have to worry about your current security question.

    Mike M.

    • This reply was modified 8 years, 4 months ago by agentmoller001. Reason: Grammer
    Thread Starter derajderaj

    (@derajderaj)

    Hi again agentmoller001,

    I thought that CNAME and ALIAS have to resolve to a domain name. Do you now of a way to get CNAME (or alias) to resolve to a domainname/subdirectory ?

    Deraj

    Add the subdomain to the hosting control panel and add a 301 redirect in the subdomains root folder .htaccess file to the appropriate wp-login.php page.

    Redirect 301 / https://yourdomain.com/wp/wp-login.php

    Thread Starter derajderaj

    (@derajderaj)

    Thanks agentmoller001. I’ll try it. I’ll let you know tomorrow whether it worked or not.

    Meanwhile, do you have any idea if the solution that I came up with (which definitely works) is safe and secure?

    Deraj

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘login url: change from mysite.com/wp/wp-admin to mysite.com/wp-admin’ is closed to new replies.