Nexcess Logo

Securing your site — custom Magento 2 admin login URL

Knowledge Base Home

Notice anything different?

We've enhanced the appearance of our portal and we're working on updating screenshots. Things might look different, but the functionality remains the same.
May 10, 2023

Changing your default Magento 2 admin login URL is just one minor adjustment you can use to implement greater security for your online store. This tactic augments your overall Magento security efforts.

You may improve the security for your Magento store and "harden" it against bots or hackers. They aim to find your Magento 2 admin URL and attack it by changing the default admin URL, which is problematic.

Implementing a custom Magento 2 admin login URL

This article will explain the portfolio of Magento 2 admin tools available and how to secure the Magento 2 admin login URL using custom URL. Let's review a number of related subjects as we discuss what is involved with the security enhancement we will document.

About the Magento 2 admin tools

Magento 2 now has a comprehensive collection of admin tools. The redesigned Admin toolkit enables online merchants to easily handle a wide range of store management activities while streamlining key critical ecommerce operations. So let's take a closer look at that.

1. User interface

The first thing that attracts you as a Magento 2 Admin is a beautiful and well-designed new User Interface. The updated design is touch-friendly and responsive. The new Magento 2 Admin Panel is not only visually impressive, but it also has several other improvements, with a focus on a user-friendly layout and simple navigation.

You can effectively adjust any feature of your Magento 2 store from this control panel, including advanced filters, extended search options, configurable workspaces, customizable views, and simple drag-and-drop options for customizing the working space.

2. Admin sidebar

The primary menu for the Magento 2 Admin is located on the left sidebar and is built for both desktop and mobile devices. The flyout menu gives you access to the portfolio of tools used to run your store regularly.

3. Admin dashboard

The Magento 2 admin dashboard is usually the first page that is shown when you log in to the admin area and can provide a real-time overview of sales and customer activity. Dashboard data provides a snapshot of lifetime sales, average order amount, recent orders, and search terms.

4. Admin message inbox

Adobe sends messages to your Magento 2 store on a regular basis. The notifications are prioritized and may refer to system upgrades, patches, new releases, scheduled maintenance, or future events. The bell icon in the header indicates the number of unread messages in your admin message inbox.

5. Admin grid controls

A group of records is displayed in a grid on admin pages that control data. The data can be sorted using the sliders at the top of each column. The current sort order is shown in the column header by an ascending or descending arrow. You can control which columns display in the grid by dragging them around. Additionally, you can store various column configurations as views to be used at a later time.

6. Actions control

You can use the actions control to apply an operation to one or more records while working with a collection of records in the grid. Each operation is accessible for the relevant data type listed in the actions control area. For example, sing the actions control, you can update the properties of chosen products, switch a record's status from disabled to enabled, or remove a record from the database.

7. Personalization

Additionally, personalization in Magento 2 has been enhanced. The platform's new edition makes it easier for store owners to manage large catalogs and various distributors. While customizable views enable store owners to design and save two product management grids and switch between them as needed, the new drag and drop grid columns enhance the advertising process for product catalogs. Furthermore, Magento 2 includes improved image upload possibilities as well as enhanced shopping cart personalization tools.

8. Magento 2 cache management

Magento 2.x's cache management is far more capable, comes with full page caching, and supports various cache types. The same is true with the index management features. However, the Reindexer must be launched through SSH or using Cron and is not accessible directly from the Magento 2 Admin Panel.

9. Product management

Adding a new product is much easier with Magento 2. This is because the fields needed for creating a product are now available on the first screen. Also, when you set a new product to "Enabled" or "In Stock," there's no need to make its quantity greater than zero or jump back and forth when a product doesn't appear on the front end. Furthermore, the new platform version offers improved stock and inventory management capabilities along with more flexible permission tools.

About creating a custom Magento 2 Admin login URL path

When running a Magento 2 store, one of the most crucial things to consider is website security. When placing orders, customers provide sensitive data and rely on you to protect it.

When you install Magento 2, it generates a Magento 2 admin login URL with a random string. The Magento 2 admin login URL enables you to access the store's backend and then change and handle administrative activities. However, hackers can exploit the default format.

Some common names for functional areas included as part of the default URLs, such as backend, admin, and so on, are too easy to crack using brute force attacks. All that related data is kept in the Magento admin interface, which is frequently subjected to brute force attacks.

To strengthen admin panel security, Magento suggests changing the Magento 2 admin login URL to a more complicated one. You can set Magento 2 Custom Admin login URL for your store by following one of these methods:

  • Method 1: Create a custom Magento 2 admin login URL from the Magento 2 Admin Panel
  • Method 2: Change the Magento 2 admin path from the command line
  • Method 3: Change the Magento 2 Admin path using the Magento CLI

Method 1: Create a custom Magento 2 admin login URL from the Magento 2 Admin Panel

To create a Custom Magento 2 Admin Login URL from the Magento 2 Admin Panel, follow the steps below.

1a. From your Magento 2 Admin Panel, go to Stores > Settings > Configuration.

1b. Under the Advanced section and select Admin.

1c. Under the Admin Base URL section, set both the Use Custom Admin URL and Use Custom Admin Path fields to Yes values:

Under the Admin Base URL section, set both the Use Custom Admin URL and Use Custom Admin Path fields to Yes values.


1d. Complete other fields as necessary.

1e. Once everything is completed, click the Save Config option.

Method 2: Change the Magento 2 admin path from the command line

To change the Magento 2 admin login URL using the command line, follow these steps.

2a. Open the <magento_root_directory>/app/etc/env.php file.

Default pdmin Path:

 'backend' => [
  'frontName' => 'admin'
 ],

2b. Change the value of the frontName parameter of the backend section.

New admin path example:

 'backend' => [
     'frontName' => 'Mag_admin'
 ],

2c. Save the file and clear the Magento cache. You can follow any of the methods below to clear the Magento cache:

2c Option 1: Navigate to System > Tools > Cache Management from the Magento admin area. Then, click Flush Magento Cache.

2c Option 2: Run and execute the following command from the Magento root directory on the server to clear the Magento cache:

php bin/magento cache:flush

Method 3: Change the Magento 2 Admin path using the Magento CLI

To change the Magento 2 admin path using Magento CLI, you can run the following command from the Magento root directory of the domain:

bin/magento setup:config:set --backend-frontname="admin_path"

Replace admin_path with your custom admin URL.

Restore the default Magento 2 admin URL and Magento 2 pdmin Path

If you have set an incorrect admin URL or an admin path and lost access to the Magento 2 backend, there is a way to correct the problem from the command line.

You can run the following command to restore the default Magento 2 admin URL:

php bin/magento config:set admin/url/use_custom 0

You can run the following command to restore the default Magento 2 admin path:

php bin/magento config:set admin/url/use_custom_path 0

Conclusion

One of the most useful and strongly advised steps for protecting your store from cyberattacks is to change the Magento admin URL. We recommend you alter the Magento Admin Panel's default URL to protect it against hackers and brute-force attacks.

Expect more peace of mind from your Magento 2 host

Expert support, elite performance, and ultra-flexible infrastructure. Nexcess raises the bar on hosting.

It is a helpful way of giving your website an additional layer of security. If you require assistance selecting a suitable Magento hosting plan, securing your Magento store, or customizing the Magento Admin Panel URL. You can reach out to our Magento experts in that situation.

In addition, our blog and knowledge base are excellent resources for learning how to tighten your end-to-end Magento security.

Mohammed Noufal
Mohammed Noufal


Mohammed Noufal is a B.Tech graduate with a decade of experience in server administration and web hosting. He has a specialization in various cloud technologies and server management, including monitoring, configuring, troubleshooting, and maintenance.

He is a father to two daughters and finds fulfillment in their growth. In his free time, he enjoys blogging about technology, sharing experiences, traveling, making new friends, social networking, and listening to music.

With a strong technical background, family commitment, and creative outlets, he represents a well-rounded life journey.

We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.