How to secure your Admin URL

To protect your Magento store against brute-force attempts you might consider changing your default Magento Admin URL.

By default Magento supports to change this URL via your Magento Admin panel → System → Configuration → Advance Menu → Admin section under the Admin Base URL

Still, this method is known to cause some issues and might result in having your admin panel inaccessible. Thus, we recommend to use a different approach to change your Magento Store admin panel URL.

First, you need to open your Magento local.xml file which is located under your Magento app/etc/ directory. This can be done via your cPanel → FIle manager or by downloading the file in question via your favorite FTP client.

In the local.xml file you will find the following block of code:

    <admin>
        <routers>
            <adminhtml>
                <args>
                    <frontName><![CDATA[admin]]></frontName>
                </args>
            </adminhtml>
        </routers>
    </admin>

In the line <frontName><![CDATA[admin]]></frontName> you should change the admin panel path by replacing the "admin" with the desired path. For example:

<frontName><![CDATA[mgadmincp]]></frontName>

After changing this value, please clear your Magento cache by removing the content of the cache folder located under /var/cache/. This can be done via your favorite FTP client or by using your cPanel → File Manager via your web browser.

Having the cache cleared, your Magento Admin panel should be accessible via the new admin URL.