Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

WordPress Local WordPress Development Local WordPress Development Migrating WordPress from Local to Live Server

Posted by David Bilson
David Bilson
13,819 Points

Place wordpress site in a random folder rather than root?

Wouldn't it be better to place the wordpress files in a random folder rather than the site root?

My reasoning behind this is that most people know that to login to the admin panel of a Wordpress site you go to:

http://mysitename.com/wp-admin``` 
if you place the wordpress files in a random folder then nobody knows where your wordpress site resides on the server.

i.e

```http://mysitename.com/randomname/wp-admin```

Full details on how to do this are given in the Wordpress Codex

https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

A bit of security by obscurity.  If nobody knows where your control panel is located, then they cannot log into it.
Luis Felipe Lino
seal-mask
.a{fill-rule:evenodd;}techdegree
Luis Felipe Lino
Full Stack JavaScript Techdegree Student 15,708 Points
Luis Felipe Lino
.a{fill-rule:evenodd;}techdegree
Luis Felipe Lino
Full Stack JavaScript Techdegree Student 15,708 Points

I use this approach to make things easier to maintain. But I don't know if it has some security advantage considering that the sites that I made automatically redirects to login page when I access them using "domainname/wp-admin" even if it is in a different folder.

Hope you understand. My english is not pretty good.

2 Answers

Daron Spence
Daron Spence
7,895 Points
Daron Spence
Daron Spence
7,895 Points

Putting WordPress into a subdirectory will not increase security from brute force attempts. If your site URL is mysite.com and WP is installed in mysite.com/somerandomfolder/ then by default WP will redirect mysite.com/wp-admin to mysite.com/somerandomfolder/wp-admin.

If you want to increase security, use one of the plethora of security plugins or perhaps look into JetPack's new security module.

David Bilson
David Bilson
13,819 Points
David Bilson
David Bilson
13,819 Points

Daron,

Yes your correct it does redirect. I was hoping it would do a page not found.

What a weird default behavior.