How to secure your Admin URL

Updated on Mar 8, 2019

To protect your Magento store against brute-force attempts you might consider changing your default Magento Admin URL.

By default Magento supports to change this URL via your Magento Admin panel → System → Configuration → Advance Menu → Admin section under the Admin Base URL

Still, this method is known to cause some issues and might result in having your admin panel inaccessible. Thus, we recommend to use a different approach to change your Magento Store admin panel URL.

First, you need to open your Magento local.xml file which is located under your Magento app/etc/ directory. This can be done via your cPanel → FIle manager or by downloading the file in question via your favorite FTP client.

In the local.xml file you will find the following block of code:


In the line <frontName><![CDATA[admin]]></frontName> you should change the admin panel path by replacing the "admin" with the desired path. For example:


After changing this value, please clear your Magento cache by removing the content of the cache folder located under /var/cache/. This can be done via your favorite FTP client or by using your cPanel → File Manager via your web browser.

Having the cache cleared, your Magento Admin panel should be accessible via the new admin URL.

On this page...

    Magento Hosting

    • Free Installation
    • 24/7 Magento Support
    • Hack-free Protection
    • Fast SSD Storage
    • Free Domain Transfer
    • Free Magento Transfer
    • Immediate Activation
    • Free Cloudflare CDN
    View More