How to Hide the WordPress Author Username in URL for Security

There are many ways to protect your WordPress website and make it secure. But, when people want to find your top-secret details like the username and the password, your strategy should be different, and stronger than they expect.

The WordPress admin username can be displayed on the author’s URL, and that’s what you should protect. So, in this post, I’m going to show you the best way to hide your admin username from the author slug, or the URL that can be displayed on your archive page.

To find if your admin username is protected by default or not, visit your blog’s homepage, and hover over your author link, without clicking on it. At the same time, see the link that will appear at the bottom of the page, or any other location, depending on your web browser. If you see your username, then, you should keep it secure, by following the next easy steps.

Install WP Author Slug

The WP Author Slug is a simple and free plugin that makes your WordPress site more secure. You don’t have to do anything, like settings and options, just install and activate the plugin, and your author username will be replaced by the author’s name in the URL.

Of course, the installation of this tool will help, but only, when you have applied all the tips and recommendations about WordPress security.

For example, you need to keep your login details safe and encrypted in the logging process. When you should send admin login details to one of your employees or authors, make sure that you’re using a well-protected email service that uses SSL.

Look at the top of the page and never send details with unsecured connections. The green lock at the URL bar that appears at the top of every page is what you need for security.

Change your password, at least, twice in the year. That’s the minimum thing to do if you’re lazy about security. If you can change the password once a month, that will be better, and you will avoid lots of problems and keep your website protected.

If you have many websites, then, you have to use a professional and secure password manager tool. It’s software that you can install on your computer and add to your web browser. When you log in, the small extension registers your login details and encrypts them.

Later, you will just need to click the ”auto login” option and the extension will enter your admin username and login for you. Search for any password manager application on Google, and you will find good services.

Also, you shouldn’t log in to your admin area from a public internet service. You don’t know what applications are installed on those computers, and spyware applications can make your life bad. So, make sure to use your own, clean, and protected computer when you log in. Then, add a powerful antivirus and never use shared WiFi connections for logging, and sending sensitive data.

If you follow these easy tips and apply them, you will be able to make the WordPress admin area protected, safe, and you will block bots from trying to destroy your business and hard work.

Have other information and tips to add? You can share them in your comment and let’s see what you think.

Avatar for Fathi Arfaoui
About Fathi Arfaoui

Fathi Arfaoui is a Physicist, Blogger and the founder of He shares Business, WordPress and Blogging tips to build a better blog and succeed online.

Disclosure: The recommendations on this page are my own based on my tests and analysis. We may earn a small commission from web hosts and other partners if you use my referral link to make a purchase. That’s what helps us to maintain the site and add fresh content, Thanks for your support.

Leave a Comment