WordPress is the major platform which bloggers use and also it is known for its vulnerabilities & bugs. There are are many security issues still persist in WordPress which has to be fixed before any one could use it for illegal purpose. One such issue is finding the admin URL of the WordPress dashboard. To provide security to the WordPress website every admin would have changed the admin URL path so that no one can access it without knowing the actual path. But still there is a small bug using which you can find the admin URL path that is kept secret to the people in the web.
When a site’s admin panel login URL is changed it would redirect you to the 404 error page when you try to access the default Admin path that is “www.xxxxxxx.com/wp-admin“. If a person is able to identify this login path then it would become easy for him to get access to the site. I would recommend you to have a strong password so that it could not be easily cracked. Thanks to Karan Vyas for bringing this bug into my concern.
I personally recommend you to use hostgator hosting with hostgator maximum discount in 2014 from here.
Trick to Find the Admin URL path of a WordPress Site
Note : I do not recommend you to use this trick for a bad purpose and this is only to educate you, I do not encourage you to try this method to harm any site and I’m not responsible for your actions by any chance.
1. Write down the WordPress website for which you want to find the admin path. Let’s take the site “Shoutmeloud” for example.
2. When you try the default path www.shoutmeloud.com/wp-admin then it would redirect you to the default page mostly.
3. When the login PHP file is called using its full name then the admin panel does opens.
4. Now try www.shoutmeloud.com/wp-login.php and see the magic. (This works for any wordpress sites)
One more thing is that when you get the login panel of any website using this trick try to enter some random username and password so that you will find their exact changed admin path of their website. In the below example “Labnol” website’s Admin URL has been found like the screenshot shown below.
I would recommend you to secure your WordPress password in order to stay away from the people who are trying to screw up your WordPress website. Maintain a strong password by adding numbers, capital letters and special characters to your password.
To prevent this vulnerability completely then you need to prevent people form getting access from your .htaccess file.