This afternoon while we were making a research for the next ThemeShock article, we noticed that ‘wordpress login’, one of the search terms that we were using for the post was being highly requested by users. We did not find a particular reason for this, so we started to investigate the reason and the result among others, revealed to us two main causes: First, people want to change their WordPress login page for something prettier and with more customization. Secondly, there seems to be a necessity for possess a shorter and friendlier URL for their WP login. On this post we will be covering these two major points and then we're going to give you a great roundup featuring useful tricks and tips regarding wp-login.

Creating an user-friendly URL for your login

So, why would you like to change your WordPress login URL if it’s the same you’ve been using for many years?, well the thing is that you can have something simpler than the standard https://yoursite.com/wp-login.php and thanks to our friend Chris Coyier we can show you how to migrate from that classic login URL to something like https://yoursite.com/login.

Utilizing a WordPress API plugin, Pretty Login URL

There’s a practical and effective way that will let you get rid of the standard wp-login address, it consists in implementing a WordPress plugin that will do all the job for you. Rewrite API is the part of the WordPress engine that handles all the internal URL rewriting, which means that you can have prettier addresses such as yoursite.com/2011/01/happy-new-year/ instead of yoursite.com/index.php?p=1337. To create the rule that will help us change our wp-login address we’re going to utilize dd_rewrite_rule(). This function can be found in wp-includes/rewrite.php and it has the following syntax and parameters: add_rewrite_rule( $regex, $redirect, $after ) where:

• $regex is a string that contains the Regular Expression (or RegEx) to match requests.
• $redirect is a string for the location to redirect to.
• The optional $after specifies where to add the rule in the list: 'bottom' (default) if you want your RewriteRule to be matched after everything has failed, or 'top' if you want it to have greater priority and eventually replace potentially conflicting rules (for instance if you have a page titled "Login")

So, basically, all it takes to create the rewrite rule for the Pretty Login URL plugin is the following snippet: The regexp used here will match 'login', 'login/' but not 'login/somethingelse'. There's a little catch with rewrite rules in the Rewrite API: For performance reasons, the rules are not generated every time WordPress instantiates and displays a page and due this reason, when you create or deregister a rewrite rule, you will need to "flush" the list to force a refresh. Therefore, the complete plugin will monitor activation and deactivation to make sure the list is flushed when appropriate, now let’s take a look at the full code:

Original link: Pretty Login URL

Modifying the .htaccess file

But what happens when our WordPress version does not support the Ozh plugin or something goes wrong?, well in that case we have an alternative method that will allow us to shorten our WP-login address by putting our hands into the  .htaccess file, you just need to add a small line of code before the default WordPress rewrite stuff: [php] RewriteRule ^login$ https://yoursite.com/wp-login.php [NC,L] [/php]

• The caret (^) is a substitute for the directory that the .htaccess file is in, which means that if the file is in your root, then it stands for https://yoursite.com/
• The $ symbol means “stop matching here” (So ultimately we’re looking for https://yoursite.com/login)
• After the space you need to put the URL that’s going to be use instead. This is our fully valid WordPress login URL, nothing fancy here
• After that we have the [flags]. We are using two: NC and L. NC means “no case” which means “LoGiN” would match as well as “login”. L means “last” meaning don’t process any of the rest of the .htaccess file after this match. This is important so our WordPress rewrites don’t get involved.
• Note that this doesn’t redirect, it rewrites, which is something cleaner, though if you prefer a redirect, you can simply add an “R” flag as well.

Original link: Simpler Login URL

Customizing your WordPress login page

The second reason why users search for ‘wordpress-login’ is because they want to change the default WordPress login page and implement a custom design to give their site more identity. We investigated about this subject and after reading tons of tutorials, checking different scripts and plugins, we’ve chosen to stay with two of the most helpful tricks, one solves the problem through a plugin while the other employs a few lines of code.

Utilizing the Custom Admin Branding plugin

The favorite solution for rookies or people that just don’t want to waste much time getting their hands dirty with code is using plugins, an effective and easy method that everyone can utilize without having vast knowledge in CSS, HTML or web development in general. After checking several plugins that offered us the chance of changing our WordPress login page, we opted for the Custom Admin Branding Plugin. This plugin allows you to brand and customize the WordPress administration area for clients or for personal use, you can display custom images and styles for the login screen, admin header and footer. It should be really easy to use by anyone familiarized with WordPress and has basic CSS and HTML skills. At its simplest the plugin only requires to be activated and then replace three images with your own. Photoshop templates are included in the original source to help you with that.

Original link: Custom Admin Branding

Customizing your WP-login page without a plugin

So, the plugin method produces definitely good results, but it’s possible that you prefer to fix things yourself without relying in others’ assistance. We found an effective and short way that will let you modify your WordPress page quickly and without installing any additional plugins. The trick is really simple, you just have to grab the following code and paste it within your functions.php file: [php] function my_custom_login_logo() { echo '<style type="text/css"> h1 a { background-image:url('.get_bloginfo('template_directory').'/images/custom-login-logo.gif) !important; } </style>'; } add_action('login_head', 'my_custom_login_logo'); [/php]

Our personal recommendation

If you’re looking for an attractive wp-login design to spice up your site, then we like to recommend you our latest freebie featuring an astounding wp-login design ready for download with fully editable PSD source. The design includes a login box with pixel art elements, a customizable background design and a custom bar to place all the relevant information about your site.

Check WP-login by ThemeShock.

More tips and secrets

These two aspects that we just talked about are certainly the main reasons why people enquire about ‘wordpress-login’, but still there are other important reasons that though are not as relevant as the others, they deserve the same attention in order to create an integral article. Now we’re going to showcase a series of tricks and useful tips that will help you pull out the best of your wp-login page.

How to Hide Login Errors in WordPress

When a hacker is trying to access your WordPress dashboard, one of the things that makes his task easier are error messages. When a hacker sees an error message, he can infer with ease what he’s doing wrong and thus focus on that aspect, with this trick you won’t have to worry about that because the error messages are about to disappear.

Hide Login Errors in WordPress

Trick the Hackers – Keep your WordPress login secure

With this little trick, you will be able to tease of hackers by letting them try to decipher the password of your ‘admin’ user while you chill out and enjoy the rest of your day.

Trick the Hackers

Let WordPress remember your FTP Details

Something that bothers people a lot is that every time they’re going to install a new plugin or make an important modification on their WordPress dashboard, the system asks for the FTP details. Although this is not exactly a wp-login tip, it can definitely help you store your details and stop having to input them all the time.

Remember your FTP details

WordPress login URL, remove wp-admin

To complement the startup section of this article we have an usual tip that with a single code line teaches how to effectively remove the wp-admin section of your wp-login page.

Remove WP-admin

How to secure your WordPress login

Useful article that gives you different tips to increase the security of your WordPress login page, so hackers won’t find things easy when trying to breach your site.

Secure your WordPress login

How to Recover Hacked WordPress Login

After being victim of hackers, the authors put on test his counterterrorist skills and managed to rescue his site, then he decided to share with us the method we utilized to save his WordPress login.

Recover Hacked WordPress login

Semi secure Login Reimagined

Semisecure Login Reimagined increases the security of the wp-login process by using a combination of public and secret-key encryption to encrypt the password on the client-side when a user logs in.

Semi secure Login Reimagined

SimpleModal Login

SimpleModal Login provides a modal Ajax login, registration and password reset feature for WordPress and utilizes jQuery and the SimpleModal jQuery plugin.

SimpleModal

Login With Ajax

Login With Ajax is ideal for sites that need to implement user logins or registrations without depending on normal WordPress login pages, this plugin adds the capability of placing a login widget in the sidebar using smooth AJAX login effects.

Ajax login

Login-box

Login-box is a WordPress plugin that inserts a login form into all your pages, speeding up the authentication process. As the login-box is hidden, it doesn’t draws attention of your readers, but for you (and the others editors of your blog) it becomes quite practical having the chance of accessing through a simple combination of keys.

Login-box

Login Configurator

This tool gives you the chance to change the way your login functions work, including forcing users to log in, change the URL they arrive at when the login is successful, add text to the login form and change the logo / link on the login form.

Login Configurator

Smithers Login

Smithers Login is a light weight plugin that will allow you full theme control over the WordPress Multisite login pages. This plugin allows for different custom login screens on a single WordPress 3.0 Multisite with Domain Mapping.

Smithers Login

SuperSlider-Login

A slide in login panel. Theme based, animated, automatic user detection, the plugin uses Mootools 1.2 JavaScript. This plugin is part of the SuperSlider series.

SuperSlider

How to prevent attacks on WordPress wp-login.php page

Stack Overflow is always a good site to find answers and tips directly from the experts. On this question the discussion goes around preventing attacks and increasing the security level of your WordPress login page.

Original link

Hide your WP-Login Name From the Archives

Have you ever noticed that WordPress shows your login username in the author archive’s URLs?, well with this trick you won’t have to worry anymore about this issue.

Hide your WP-login name

How to Customize The Default WordPress Login Screen

This useful tutorial gives you all the ingredients to fully customize your WordPress login page and give it a more professional look that will pleasantly surprise your clients.

Customize your default WP-login

6 WordPress Login Skins

Our friends from Hongkiat have created this beautiful set of colorful WP login boxes ready for download and be implemented within your WordPress login page.

6 WordPress Login Skins

Limit Login Attempts

By default, WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease. Limit Login Attempts blocks an Internet address from making further attempts after a specified limit of retries is reached, making a brute-force attack difficult or impossible.

Limit Login Attempts

Stealth Login

This plugin allows you to create custom URLs for logging in, logging out, accessing the dashboard and registering for your WordPress blog. Instead of advertising your login url on your homepage, you can create a url of your choice that can be easier to remember than wp-login.php.

Stealth Login

WordPress 2.3 Login

This fancy plugin changes the login form from you WordPress install to the WordPress 2.3 version. This, because the login form of WordPress 2.3 is the best-looking login box in WordPress History

WordPress 2.3 Login

Customize wp-login page without affecting core files

This useful tip will teach you how to customize your wp-login page without jeopardizing your site’s integrity in the process and achieving great results.

Customize wp-login

How to Recover Lost WordPress (Localhost) Password

Sometimes when you have a WordPress-powered website, it could happen that you have a localhost copy on your computer to preview and perform tests. If you lose your admin password in the online host, it can be retrieved with ease, but if the problem affects your localhost, then this tutorial will show you what you need to do.

Recover Lost WordPress Password

WP Email Login

Since email addresses are required to be unique within WordPress anyway, they also make good identifiers for logging in. For slightly better security, set your username to something random and then just forget it and use your email address instead thanks to this plugin.

WP Email Login

How to access WP Dashboard Panel with simple method

Although this might seem like an obvious question, the author give us some really useful tips to easily access your WordPress dashboard in case you forget it.

Easy WP access

SI CAPTCHA Anti-Spam

This plugin adds CAPTCHA anti-spam methods to WordPress forms for comments, registration, lost password, login, etc. In order to post comments or register, users will have to type in the code shown on the image.

SI CAPTCHA Anti-Spam

Check Last Login

This plugin adds registration date and last login date columns on the "Users" page. It also checks if a user logs in within 30 days after the registration and if he does not, then his account is deleted

Check Last Login

Visual Login Errors

This plugin provides visual feedback for login errors. Currently you can choose from three different feedback styles, all of them with a really nice appearance.

Visual Login Errors

Setting a number of login attempts

A good way of protecting your blog against brute force attacks is to prevent any access to your admin screens if more than a pre-set number of login attempts fail. One of the most effective ways to do that is installing the “Login Lockdown” plugin, which sets a defined number of valid login attempts.

WordPress login attempts

Force Login Except Special IP Range

This plugin forces all anonymous users to login except for those who are connected from special IPv4 ranges or a specific IPv4 address. This plugin was written to use WordPress in an intranet/internet environment. Users who are connecting from the intranet should see the blog without being forced to login.

Force Login Except Special IP Range

Login to view all

Login to view all is a WP plugin designed to help you insert hidden contents in your post. The hidden contents are only visible for visitors who are logged in.

Login to view all

WP Login reCAPTCHA

This plugin adds reCAPTCHA to your login form. By adding reCAPTCHA to your login form, you can prevent bot / script from trying to login to your WordPress website. You must install the WP-reCAPTCHA plugin prior implementing this plugin.

WP Login reCAPTCHA

User Info Login Shortcode

This plugin provides a [user_info_login] shortcode to let you embed a User Info or Login section without wasting your time with page templates or widgets

User Info Login Shortcode

Login-warning-banner

The Login Warning Banner plugin for WordPress allows an administrator to create a custom, pre-authentication, warning header and message.

Login-warning-banner

Encrypt Your WordPress Login Administration

Due to the number of users and popularity of WordPress, it is also the most attacked blogging platform. This article will give you a series of tips to increase your site’s security in WordPress.

Encrypt Your WordPress Login – Administration

bbPress Integration

bbPress can be set up to have the ability to read the standard cookies created by WordPress to check whether a user is logged in and can grant the user access to bbPress based on these. This plugin provides single sign on login with a bbPress installation.

bbPress Integration

And now we have reached the end of this article, we have managed to gather the most extensive collection of WP-login tips, plugins and tutorials that you should know about and can definitely help you master this aspect, we hope you’ve enjoyed this article as well as the free WP-login template that we’ve published, if you know any other useful tips, don’t hesitate in leaving us a comment, we will really appreciate it.