This is a handy tip to help you protect your Magento backend against Hackers and brute-force attacks. I recommend you change the default URL to the Magento Admin Panel. Â
It is really quick to do and adds an additional layer of security to your site.
DO NOT use the web interface in the Magento Admin Panel to the change the URL
Step 1 – Change Path
I usually login into the site and disable Cache Storage Management, then log out.
Log in via FTP to your site, go your Magento root installation.
Navigate to the
app/etc folder Â and open the
local.xml in a text Editor
Find the following segment
<admin> <routers> <adminhtml> <args> <CDATA[admin]]></frontName> </args> </adminhtml> </routers> </admin>
Replace admin with your new admin path. This should be something unique which should be a little hard to guess, only use letters.
i.e. gooseberry Â or yada or some such path.
Save the File.
Step 2 – Refresh cache.
If you didn’t disable the cache int he previous step. You can use FTP client to delete the content of the
var/cache/ directory, or use the following SSH command.
rm -rf var/cache/*
Step 3 – Complete
The change is now complete and you should try to log in via the new admin url –
http://domainname/adminpath/, replacing ‘adminpath’ with the path you chose in the step above.
If everything went fine, you should now be presented with the Admin Panel login screen at the new URL.
The old admin login URL should return a 404 error message.