WordPress Login URL | WordPress Admin URL
Last modified: June 28, 2026
The WordPress login URL is yoursite.com/wp-login.php and the admin URL is yoursite.com/wp-admin/. These two paths work on almost every WordPress installation by default, so you can use them on any site without any configuration.
If you manage multiple WordPress sites, or help clients with theirs, knowing these default URLs saves time. Both paths are case-insensitive and work with or without a trailing slash. The only exception is when a site owner has deliberately changed them using a plugin or custom code.
There is also a convenient shortcut that even experienced developers sometimes miss: WordPress will redirect /wp-admin/ to the login page automatically if you are not yet logged in, so you only need to remember one URL for both purposes. Type yoursite.com/wp-admin and WordPress handles the rest.
For sites where the login URL has been changed for security reasons, the default paths will redirect to the homepage or return a 404. See the section on custom login URLs below for how to locate or recover a changed login path.
When the Default Login URL Does Not Work
If /wp-login.php or /wp-admin/ redirect to the homepage or return a 404, the login URL has been changed with a security plugin such as WPS Hide Login, Perfmatters, or All In One WP Security. This is a common configuration on well-maintained WordPress sites.
To find the new login URL: check the site’s installed plugins list for a “hide login” plugin (the plugin settings page will show the custom path), look in wp-config.php for any login-related constants, or contact the site administrator. If you are locked out of your own site, our guide to changing your WordPress login URL covers recovery options via FTP and cPanel.
* This button will show the rest of the post and open up an offer from a vendor
The Default WordPress Login URL
To reach the login page on any WordPress site, go to http://example.com/wp-login.php (replacing example.com with the actual domain). This loads the standard WordPress login form where you enter your username and password.
The URL is case-insensitive, so wp-login.php and WP-Login.PHP both work. A trailing slash is optional. On the vast majority of WordPress installations — shared hosting, managed hosting, VPS — this URL works without any configuration.
For WordPress sites hosted on WordPress.com (not self-hosted), the login URL is wordpress.com/log-in rather than a site-specific URL. The self-hosted WordPress login URL applies to WordPress.org installations on your own server.
For WP Engine hosted sites, the login page is still at yoursite.com/wp-login.php. WP Engine also provides a platform-level login at my.wpengine.com for managing your hosting account separately from the WordPress dashboard.
If the login page redirects back to itself after entering credentials, clear your browser cookies or try in an incognito window. This redirect loop is usually a cookie or session issue on the browser side, not a problem with the login URL itself.
The Default WordPress Admin URL
To reach the admin area on most WordPress sites, add /wp-admin/ to the end of the domain. So http://example.com/wp-admin/ takes you directly to the WordPress dashboard if you are already logged in.
If you are not logged in, WordPress automatically redirects /wp-admin/ to the login page and then back to the dashboard after you authenticate. This means /wp-admin/ works as a universal entry point regardless of whether you are already signed in.
The admin URL and the login URL are different but linked. /wp-login.php is where authentication happens. /wp-admin/ is where the dashboard lives. Once logged in, you navigate via /wp-admin/ paths: /wp-admin/edit.php for posts, /wp-admin/plugins.php for plugins, /wp-admin/options-general.php for settings, and so on.
On WordPress Multisite installations, the network admin dashboard is at /wp-admin/network/. Individual site admins still use /wp-admin/ for their specific site within the network. The super admin who manages the whole network accesses broader controls via the /network/ path.
If /wp-admin/ returns a 403 Forbidden error, check whether your hosting provider or a security plugin has blocked direct access to the admin area from certain IP addresses. Some hardened WordPress configurations restrict /wp-admin/ access to specific IPs as an additional security measure.
Easy To Remember Tip:
The easiest tip to remember: just add /wp-admin to any WordPress site URL and it will take you to the login or dashboard. You do not need to know the exact login path.
That said, site owners sometimes change the login URL using a plugin like WPS Hide Login for security reasons. In that case, /wp-admin will redirect to the homepage or return a 404 rather than the login form.
If you manage several WordPress sites and need to remember custom login URLs, using a password manager that stores the URL alongside the credentials is the simplest solution. Most password managers (1Password, Bitwarden) let you store the login URL with each entry, so the browser opens the correct page automatically when you use autofill.
For developers who use WP-CLI, you can generate a one-time login link from the command line without needing to know the login URL at all. Run wp user generate-auth-key USER_ID or use the wp user commands to get a temporary login link. This is useful when you are locked out or the login URL has been changed and you have server access.
Recap: WordPress Login and Admin URLs
The two standard entry points for any WordPress site are yoursite.com/wp-login.php for the login page and yoursite.com/wp-admin/ for the dashboard. Both work on almost all WordPress installations by default, and wp-admin will redirect to the login page automatically if you are not yet signed in.
For better security, consider changing your WordPress login URL to a custom path so bots cannot find the login page at its default location.
If you need to move your entire WordPress site to a new domain or update the URL after a server migration, our step-by-step guide on how to change your WordPress URL covers all the required steps including the database search-and-replace that most tutorials skip.
If you are setting up a new WordPress site, consider changing the default login URL as an early security step. Bots constantly probe /wp-login.php and /wp-admin/ on every WordPress site on the internet. Moving the login form to a custom path reduces automated login attacks without any trade-offs for legitimate users who know the URL. Our guide on how to change your WordPress login URL covers this in detail.



Website Maintenance – Use Promocode: scanwp
Advanced JetPlugins for Elementor
Semrush 14 days trial
Kinsta – Managed WordPress Hosting
Bluehost Hosting