How to secure your Admin URL

Updated on Mar 8, 2019

To protect your Magento store against brute-force attempts you might consider changing your default Magento Admin URL.

By default Magento supports to change this URL via your Magento Admin panel → System → Configuration → Advance Menu → Admin section under the Admin Base URL

Still, this method is known to cause some issues and might result in having your admin panel inaccessible. Thus, we recommend to use a different approach to change your Magento Store admin panel URL.

First, you need to open your Magento local.xml file which is located under your Magento app/etc/ directory. This can be done via your cPanel → FIle manager or by downloading the file in question via your favorite FTP client.

In the local.xml file you will find the following block of code:

    <admin>
        <routers>
            <adminhtml>
                <args>
                    <frontName><![CDATA[admin]]></frontName>
                </args>
            </adminhtml>
        </routers>
    </admin>

In the line <frontName><![CDATA[admin]]></frontName> you should change the admin panel path by replacing the "admin" with the desired path. For example:

<frontName><![CDATA[mgadmincp]]></frontName>

After changing this value, please clear your Magento cache by removing the content of the cache folder located under /var/cache/. This can be done via your favorite FTP client or by using your cPanel → File Manager via your web browser.

Having the cache cleared, your Magento Admin panel should be accessible via the new admin URL.

Optimize Database Back to top Create Backup

Magento Hosting

Free Installation
24/7 Magento Support
Hack-free Protection
Fast SSD Storage
Free Domain Transfer
Free Magento Transfer
Immediate Activation
Free Cloudflare CDN