Stealth Login Page WordPress Plugin – Add a Security Layer to your WP Site

Stealth Login Page is a simple and effective WordPress plugin developed by Jesse Petersen to make things harder, to those bots that try to login to your WordPress site.

In simple words, this plugin moves your login page, your “front door”, to a hidden & configurable secret door.

I would like to transfer the idea also to brick and mortar buildings to improve the security in the offline world, not just the virtual 😉

Recently, there were huge brute-force attacks trying to login guessing passwords, and the popular “admin” username by default.

Having a weak password with “admin” is the perfect combo to the disaster, opening the door easily to hackers.

About 90,000 IP Super-Botnet run attacks to WordPress sites and they hit all types of hosts. You can read more information about those coordinated wp-login brute force attacks: here, herehere and here too.

 

Why do you need Stealth Login Page plugin?

Although, I’ve installed in all my projects the Limit Login Attempt Plugin, I’m sure that adding an extra security layer is a reasonable extra contra-measure for everybody.
From now on, the stealth login page will be available in my plugin-arsenal for every installation.

Bear in mind, that this plugin does NOT replace the common security best practices; you know them: strong password, different “admin” username, a login limiter plugin, a reliable host and so on.

With Limit Login Attempts or Login Lockdown plugin more the Stealth Login Page plugin, you’ll have a better security in your WordPress sites.

 

How to Change the Login URL in WordPress, without Editing any .htaccess files

Well, how?

 

The Stealth Login Page plugin comes to the rescue

Let’s dig into the plugin!

 

Stealth Login Page Plugin for WordPress

 

Download it via your WP dashboard from the WordPress repository.

  • Install and activate it.
  • Go to Settings and Enable Stealth Mode.
  • Redirect it for instance, to google.com

Now, every time someone enters in your default login page, will be redirected to google.com

  • Enter your question and answer. Both will be part of the new login page URL.

Bots can try different combinations to find out the combination of letters / words or code you’ve chosen, so select them wisely and complicate the task.

  • Save it. You’re done, that is it!

Your customized new login page URL is at the bottom of the page, even you can it send by email to the administrator of the site.

Despite I installed the plugin in several sites, and enabled to send the new URL by email, I never received the secret URL string in an email. Perhaps, you can have more luck 😉

However, I recommend saving your new login URL string in a safe place or bookmarking it in your favorite browser.

One thing, if you’re using Limit Login Attempts each redirection can be counted as a hit as an admin, and will be counted as a lockout. These are the interactions between the plugins, but it doesn’t matter.

Conclusion: the combo Stealth Login Page plugin, more Limit Login Attempts will make a harder day to those pesky robots!

Are you using the Stealth Login Page plugin or a similar one? Which are your standpoints?

 

More from this site:

About the Author Gera

As a WordPress fan, Gera provides detailed reviews, tutorials & guides about plugins, themes & hostings. He enjoys experimenting with them and the results are published on this blog.

follow me on:
1 comment
Kathryn Dilligard says

So basically, I need this plugin on my WordPress blog.

Comments are closed