Changing Wp Admin Without A Plugin

ArnoldMC77

Jr. VIP
Jr. VIP
Joined
May 13, 2018
Messages
192
Reaction score
87
Website
link.totalaffiliating.com
I am trying to change the wp-admin to a custom login link. Previously, I have used plugins but I would prefer to change it without a plugin. Doe anyone have any suggestions?
 

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,535
Reaction score
16,243
You can do the same thing with your theme too. If you don't want to edit the theme directly, make a child theme out of it.

Then load whatever you need from functions.php.
 

FWA

Banned - selling outside of the marketplace.
Joined
Sep 15, 2020
Messages
242
Reaction score
100
it is not on this subject i bought a wordpress theme were is the licence to activate it is on zip folder? or?
 

ArnoldMC77

Jr. VIP
Jr. VIP
Joined
May 13, 2018
Messages
192
Reaction score
87
Website
link.totalaffiliating.com
That you guys. I am not an advanced coder. I can get by with a little HTML, PHP and Java. I have taken courses at Code Academy. Is there anything courses you can recommend that I can learn specifically to write code for this?
 

leechesBleechin

Jr. VIP
Jr. VIP
Joined
Feb 16, 2017
Messages
1,035
Reaction score
2,679
That you guys. I am not an advanced coder. I can get by with a little HTML, PHP and Java. I have taken courses at Code Academy. Is there anything courses you can recommend that I can learn specifically to write code for this?
That's like going to school for 8 years to be a doctor so you can put a bandaid on a splinter lol. What's wrong with just using the plugin? They're not very heavy weight.
 

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,535
Reaction score
16,243
That you guys. I am not an advanced coder. I can get by with a little HTML, PHP and Java. I have taken courses at Code Academy. Is there anything courses you can recommend that I can learn specifically to write code for this?
Something on "wordpress custom theme" or "make a wp theme from scratch" should help. Try youtube for example. Free tutorials should be enough for getting started.

Plus, wp documentation and stackoverflow are pretty good for specific problems/apis.
 

ArnoldMC77

Jr. VIP
Jr. VIP
Joined
May 13, 2018
Messages
192
Reaction score
87
Website
link.totalaffiliating.com
That's like going to school for 8 years to be a doctor so you can put a bandaid on a splinter lol. What's wrong with just using the plugin? They're not very heavy weight.
There isn't anything wrong with it for now. I thought I may be able to write a few lines of code to change it.
Don't get me wrong. I want to learn how to write better code so I can customize my sites better without having to rely on a programmer.
 

Panther28

Jr. Executive VIP
Jr. VIP
Joined
May 2, 2010
Messages
5,787
Reaction score
8,557
I used a wordpress plugin to do this, which randomized the address of each site, then I didn't record them all properly, and couldn't log in, so had to reset a bunch of sites and delete the plugin.
 

ArnoldMC77

Jr. VIP
Jr. VIP
Joined
May 13, 2018
Messages
192
Reaction score
87
Website
link.totalaffiliating.com
I used a wordpress plugin to do this, which randomized the address of each site, then I didn't record them all properly, and couldn't log in, so had to reset a bunch of sites and delete the plugin.
Can anyone recommend a good plugin?
 

Tasker18

Jr. VIP
Jr. VIP
Joined
Jan 2, 2014
Messages
2,930
Reaction score
779
Website
tasker18.com
You can do the same thing with your theme too. If you don't want to edit the theme directly, make a child theme out of it.

Then load whatever you need from functions.php.

This one.

Best would be build a plugin by reading the available hooks and get the job done or use the child theme method.
It will be straight forward if you understand the structures.
 

CyHead

Senior Member
Joined
Apr 6, 2009
Messages
837
Reaction score
807
Yes - edit the wp-functions file in your current theme, just note that once you do that you won't be able to update the theme, because it will overwrite the code you added - unless you create a child/parent theme.

WP has lots of hooks, so you can just hook into the login routine and redirect it to a URL.
 

Aleksandar916

Jr. VIP
Jr. VIP
Joined
Nov 29, 2017
Messages
723
Reaction score
1,043
Noob security question to follow up on the subject: How critical is it to hide WP login if you have limit login attempts?
 

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,535
Reaction score
16,243
Noob security question to follow up on the subject: How critical is it to hide WP login if you have limit login attempts?
Matter of taste. No matter if you are limiting login attempts or not. An alphanumeric sentence with special characters is improbable (notice my choice of word) to crack for any computer out there right now. If you are worried about ddos, then don't be; coz they can ddos your home page too for that matter. Bruteforcing only works with weaker passwords. You should be more concerned about stuffs like sql injection, rfi, lfi and so on. Bruteforcing isn't that big of a deal imho.
 

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,535
Reaction score
16,243
This doesn't :D and I'm not sure what you said.
All simple stuffs!! I just used jargons lol.. let me explain..

SQL injection - this one is easy to know more about. Just google it.
RFI - Remote File Inclusion vulnerability. Using these the hackers gain access to your server's file system (ever heard the term c99 shell? Related to this.). Mainly caused by bad upload scripts.
LFI - Local File Inclusion vulnerability. Using this the hacker may read a local file on your server that he is not supposed to. These are generally caused by improper thumbnail scripts and such scripts where the plugin/theme is including a file based on user input.


There are even more.. :p

For example, php's string to object conversion on the fly. This is why weakly typed languages are a pain. As a case.. if you do not properly sanitize your $_GET/$_POST variables, it can get your server hacked.

All the hacker needs to do is send e.g. url.com/somepage?a[]=b instead of url.com/somepage?a=b
BAM, it will break your script. If debug is enabled on your server, your sensitive environment vars, filepaths etc can be leaked.


there are a loooooot more... google it may be :p
 

Aleksandar916

Jr. VIP
Jr. VIP
Joined
Nov 29, 2017
Messages
723
Reaction score
1,043
RFI - Remote File Inclusion vulnerability. Using these the hackers gain access to your server's file system (ever heard the term c99 shell? Related to this.). Mainly caused by bad upload scripts.
So let's say that someone did this to a website and months after it seems as if it's still there. Would you know (or someone you know) how to get rid of this problem?
Asking for a friend!

Thanks for the explanation
 

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,535
Reaction score
16,243
So let's say that someone did this to a website and months after it seems as if it's still there. Would you know (or someone you know) how to get rid of this problem?
Asking for a friend!

Thanks for the explanation
I will tell you a dirty little secret that I have used before. Look for any php file which is more than 30kb. It may actually be a shell. No one in their right mind would make a single file so huge (except for the noobs lol.. dont use those scripts). Additionally there are advanced techniques to prevent these. For example, file versioning systems like git lets you see even if a single char has been changed. You should always use proper permissions too.

You should never trust user input.

When possible, containerize your app using something like docker. That way, even if somebody gets access to the files, they will not be able to do shit.

and there are lots more. Software security is a huge topic. Perhaps I should cover some of the stuffs I know for everyone. Added to my todo list. Watch out for a tutorial in near future.
 
Top