Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialDavid Bilson
13,819 PointsPlace wordpress site in a random folder rather than root?
Wouldn't it be better to place the wordpress files in a random folder rather than the site root?
My reasoning behind this is that most people know that to login to the admin panel of a Wordpress site you go to:
if you place the wordpress files in a random folder then nobody knows where your wordpress site resides on the server.
i.e
```http://mysitename.com/randomname/wp-admin```
Full details on how to do this are given in the Wordpress Codex
https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory
A bit of security by obscurity. If nobody knows where your control panel is located, then they cannot log into it.
2 Answers
Daron Spence
7,895 PointsPutting WordPress into a subdirectory will not increase security from brute force attempts. If your site URL is mysite.com
and WP is installed in mysite.com/somerandomfolder/
then by default WP will redirect mysite.com/wp-admin
to mysite.com/somerandomfolder/wp-admin
.
If you want to increase security, use one of the plethora of security plugins or perhaps look into JetPack's new security module.
David Bilson
13,819 PointsDaron,
Yes your correct it does redirect. I was hoping it would do a page not found.
What a weird default behavior.
Luis Felipe Lino
Full Stack JavaScript Techdegree Student 15,708 PointsLuis Felipe Lino
Full Stack JavaScript Techdegree Student 15,708 PointsI use this approach to make things easier to maintain. But I don't know if it has some security advantage considering that the sites that I made automatically redirects to login page when I access them using "domainname/wp-admin" even if it is in a different folder.
Hope you understand. My english is not pretty good.