Typically, a security plugin is used to rename the WP-Admin login page. However, it may happen that the WordPress installation is corrupted. Errors in the .htaccess file can also result in the inability to access the WP-Admin login page. In this case, it is possible to reset the WordPress .htaccess file. However, caution is still required: indeed, unwanted changes to the .htaccess file can have negative repercussions on SEO and also expose sensitive areas of the site.
If the WP-Admin login page has been renamed using a security plugin and the new URL to login to WordPress has been forgotten, the admin is in a sticky situation. Since no one can connect, it is not possible to disable this security plugin from the dashboard. However, as long as there is access to the WordPress server, there is a trick: delete or move the plugin folder. Thus, it will be deactivated and the WP-Admin login page will be restored to its normal address. This method requires knowing the name of the plugin.
With SSH access to the WordPress server, it is best to use the WordPress Command-line Interface (WP-CLI). Using WP CLI, it is possible to display a list of active plugins with their name. Plugins used to rename the page to log in to WordPress often contain a term like « Login », « Hide » or « Security ». Once the responsible plugin has been identified, it is possible to deactivate it using a WP-CLI command line. You can also disable all plugins temporarily. Here are the details of the different steps:
- List active plugins: