Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 143,675
Active installs: 8,000
Total reviews: 43
Average rating: 4.3
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 3 language(s)
Contributors: 6
Last updated: 11/14/2025 (47 days ago)
Added to WordPress: 6/4/2013 (12 years old)
Minimum WordPress version: 3.1
Tested up to WordPress version: 4.7.31
Minimum PHP version: f

Maintenance & Compatibility

Maintenance score

Actively maintained • Last updated 47 days ago • 43 reviews

65/100

Is Move Login abandoned?

Likely maintained (last update 47 days ago).

Compatibility

Requires WordPress: 3.1
Tested up to: 4.7.31
Requires PHP: f

Ratings

33
3
0
3
4See all reviews

Developers

SecuPress (Owner)1Grégory Viguier (Owner)7Julio Potier (Owner)26Julio Potier8Grégory Viguier5SecuPress5

Languages

Spanish (Spain)32,360Dutch30,206

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

Hide Login+
Rating 2.5/5 (33 reviews)Active installs 100
Compare
Aspexi Easy Login URL
Rating 3.7/5 (3 reviews)Active installs 20
Compare
LoginWP (Formerly Peter's Login Redirect)
Rating 4.8/5 (488 reviews)Active installs 100,000
Compare
User Menus – Nav Menu Visibility
Rating 5.0/5 (1,262 reviews)Active installs 90,000
Compare
Inactive Logout
Rating 4.7/5 (105 reviews)Active installs 20,000
Compare
Login or Logout Menu Item
Rating 4.8/5 (22 reviews)Active installs 20,000
Compare
See more alternatives to Move Login

Description

This plugin forbids access to https://example.com/wp-login.php and creates new urls, like https://example.com/login or https://example.com/logout.
This is a great way to limit bots trying to brute-force your login (trying to guess your login and password). Of course, the new URLs are easier to remember too.

Also remember: the use of this plugin does NOT exempt you to use a strong password. Moreover, never use “admin” as login, this is the first attempt for bots.

By the way, if you are looking for a complete security solution, take a look at SecuPress: Move Login is included inside.

Multisite

Yes! The plugin must be activated from your network.
Note 1: this plugin deals only with wp-login.php, not with wp-signup.php nor with wp-activate.php (yet). That means https://example.com/register will still redirect to https://example.com/wp-signup.php. I think this will be the next step though, but no ETA.
Note 2: if users/sites registrations are open, you shouldn’t use this plugin yet. There are some places where the log in address is hard coded and not filterable. A bug ticket is open.

Requirements

  • You will need a FTP access: if the .htaccess/web.config file is not writable (you will need to add the given rules manually), or if something is wrong and you can’t log in anymore (see the FAQ in that case).
  • Should work on IIS7+ servers but not tested (I guess you should probably save a copy of your web.config file before the plugin activation).
  • For Nginx servers, the rewrite rules are not written automatically of course, but they are provided as information in the plugin settings page.

Installation

  1. Extract the plugin folder from the downloaded ZIP file.
  2. Upload the sf-move-login folder to your /wp-content/plugins/ directory.
  3. If you have another plugin that makes redirections to https://example.com/wp-login.php (a short-links plugin for example), disable it or remove the redirection, otherwise they will conflict and you’ll be locked out. See the FAQ in case you’re not able to reach the login page (make sure to have a FTP access to your site).
  4. Activate the plugin from the “Plugins” page.
  5. If the plugin can’t write your .htaccess file or web.config file, you’ll need to edit it yourself with a FTP access, the rules are provided in the plugin settings page.

Frequently Asked Questions

Can I set my own URLs?

Yes this is the goal of the plugin

I’m locked out! I can’t access the login page!

You need a FTP access to your site. When logged in with your FTP software, open the file wp-config.php located at the root of your installation. Simply add this in the file: define( 'SFML_ALLOW_LOGIN_ACCESS', true ); and save the file. This will bypass the plugin and you’ll be able to access https://example.com/wp-login.php. Another plugin may conflict, you’ll need to find which one before removing this new line of code.

Does it really work for Multisite?

Yes. Each blog has its own login page (but the customized slugs are the same for each blog though). The plugin must be activated from the network.

Eventually, try the WordPress support forum (best).

Review feed

onico0
2/18/2017

The best of the 3 ones I tested

Don't know why I didn't find "Move Login" first. I already tested 2 alternative free plugins and it was deficient in different ways. "Move Login" is powerful, light and easy to set up. Very nice find. Thanks.

Screenshots

  1. The settings page.

    The settings page.

Changelog

2.5.3

  • 2017/06/05
  • New: preview your URLs while typing.
  • New: you can leave a field empty to set its default value.
  • Improved URL duplicates detection.
  • Fixed the “Lost Password” redirection (and others).
  • Dev stuff: fixed the filters in sfml_is_apache(), sfml_is_iis7(), and sfml_is_nginx().
  • Nerd stuff: improved the whole plugin code quality by updating the Coding Standard rules and applying new ones. Changed a few things in the class SFML_Options.
Back to plugins