Changing your default Magento 2 admin login URL is just one minor adjustment you can use to implement greater security for your online store. This tactic augments your overall Magento security efforts.
You may improve the security for your Magento store and "harden" it against bots or hackers. They aim to find your Magento 2 admin URL and attack it by changing the default admin URL, which is problematic.
Implementing a custom Magento 2 admin login URL
This article will explain the portfolio of Magento 2 admin tools available and how to secure the Magento 2 admin login URL using custom URL. Let's review a number of related subjects as we discuss what is involved with the security enhancement we will document.
About the Magento 2 admin tools
Magento 2 now has a comprehensive collection of admin tools. The redesigned Admin toolkit enables online merchants to easily handle a wide range of store management activities while streamlining key critical ecommerce operations. So let's take a closer look at that.
1. User interface
The first thing that attracts you as a Magento 2 Admin is a beautiful and well-designed new User Interface. The updated design is touch-friendly and responsive. The new Magento 2 Admin Panel is not only visually impressive, but it also has several other improvements, with a focus on a user-friendly layout and simple navigation.
You can effectively adjust any feature of your Magento 2 store from this control panel, including advanced filters, extended search options, configurable workspaces, customizable views, and simple drag-and-drop options for customizing the working space.
2. Admin sidebar
The primary menu for the Magento 2 Admin is located on the left sidebar and is built for both desktop and mobile devices. The flyout menu gives you access to the portfolio of tools used to run your store regularly.
3. Admin dashboard
The Magento 2 admin dashboard is usually the first page that is shown when you log in to the admin area and can provide a real-time overview of sales and customer activity. Dashboard data provides a snapshot of lifetime sales, average order amount, recent orders, and search terms.
4. Admin message inbox
Adobe sends messages to your Magento 2 store on a regular basis. The notifications are prioritized and may refer to system upgrades, patches, new releases, scheduled maintenance, or future events. The bell icon in the header indicates the number of unread messages in your admin message inbox.
5. Admin grid controls
A group of records is displayed in a grid on admin pages that control data. The data can be sorted using the sliders at the top of each column. The current sort order is shown in the column header by an ascending or descending arrow. You can control which columns display in the grid by dragging them around. Additionally, you can store various column configurations as views to be used at a later time.
6. Actions control
You can use the actions control to apply an operation to one or more records while working with a collection of records in the grid. Each operation is accessible for the relevant data type listed in the actions control area. For example, sing the actions control, you can update the properties of chosen products, switch a record's status from disabled to enabled, or remove a record from the database.
7. Personalization
Additionally, personalization in Magento 2 has been enhanced. The platform's new edition makes it easier for store owners to manage large catalogs and various distributors. While customizable views enable store owners to design and save two product management grids and switch between them as needed, the new drag and drop grid columns enhance the advertising process for product catalogs. Furthermore, Magento 2 includes improved image upload possibilities as well as enhanced shopping cart personalization tools.
8. Magento 2 cache management
Magento 2.x's cache management is far more capable, comes with full page caching, and supports various cache types. The same is true with the index management features. However, the Reindexer must be launched through SSH or using Cron and is not accessible directly from the Magento 2 Admin Panel.
9. Product management
Adding a new product is much easier with Magento 2. This is because the fields needed for creating a product are now available on the first screen. Also, when you set a new product to "Enabled" or "In Stock," there's no need to make its quantity greater than zero or jump back and forth when a product doesn't appear on the front end. Furthermore, the new platform version offers improved stock and inventory management capabilities along with more flexible permission tools.
About creating a custom Magento 2 Admin login URL path
When running a Magento 2 store, one of the most crucial things to consider is website security. When placing orders, customers provide sensitive data and rely on you to protect it.
When you install Magento 2, it generates a Magento 2 admin login URL with a random string. The Magento 2 admin login URL enables you to access the store's backend and then change and handle administrative activities. However, hackers can exploit the default format.
Some common names for functional areas included as part of the default URLs, such as backend, admin, and so on, are too easy to crack using brute force attacks. All that related data is kept in the Magento admin interface, which is frequently subjected to brute force attacks.
To strengthen admin panel security, Magento suggests changing the Magento 2 admin login URL to a more complicated one. You can set Magento 2 Custom Admin login URL for your store by following one of these methods:
- Method 1: Create a custom Magento 2 admin login URL from the Magento 2 Admin Panel
- Method 2: Change the Magento 2 admin path from the command line
- Method 3: Change the Magento 2 Admin path using the Magento CLI
Method 1: Create a custom Magento 2 admin login URL from the Magento 2 Admin Panel
To create a Custom Magento 2 Admin Login URL from the Magento 2 Admin Panel, follow the steps below.
1a. From your Magento 2 Admin Panel, go to Stores > Settings > Configuration.
1b. Under the Advanced section and select Admin.
1c. Under the Admin Base URL section, set both the Use Custom Admin URL and Use Custom Admin Path fields to Yes values:
1d. Complete other fields as necessary.
1e. Once everything is completed, click the Save Config option.
Method 2: Change the Magento 2 admin path from the command line
To change the Magento 2 admin login URL using the command line, follow these steps.
2a. Open the <magento_root_directory>/app/etc/env.php file.
Default pdmin Path:
'backend' => [
'frontName' => 'admin'
],
2b. Change the value of the frontName parameter of the backend section.
New admin path example:
'backend' => [
'frontName' => 'Mag_admin'
],
2c. Save the file and clear the Magento cache. You can follow any of the methods below to clear the Magento cache:
2c Option 1: Navigate to System > Tools > Cache Management from the Magento admin area. Then, click Flush Magento Cache.
2c Option 2: Run and execute the following command from the Magento root directory on the server to clear the Magento cache:
php bin/magento cache:flush
Method 3: Change the Magento 2 Admin path using the Magento CLI
To change the Magento 2 admin path using Magento CLI, you can run the following command from the Magento root directory of the domain:
bin/magento setup:config:set --backend-frontname="admin_path"
Replace admin_path with your custom admin URL.
Restore the default Magento 2 admin URL and Magento 2 pdmin Path
If you have set an incorrect admin URL or an admin path and lost access to the Magento 2 backend, there is a way to correct the problem from the command line.
You can run the following command to restore the default Magento 2 admin URL:
php bin/magento config:set admin/url/use_custom 0
You can run the following command to restore the default Magento 2 admin path:
php bin/magento config:set admin/url/use_custom_path 0
Conclusion
One of the most useful and strongly advised steps for protecting your store from cyberattacks is to change the Magento admin URL. We recommend you alter the Magento Admin Panel's default URL to protect it against hackers and brute-force attacks.
Expect more peace of mind from your Magento 2 host
Expert support, elite performance, and ultra-flexible infrastructure. Nexcess raises the bar on hosting.
It is a helpful way of giving your website an additional layer of security. If you require assistance selecting a suitable Magento hosting plan, securing your Magento store, or customizing the Magento Admin Panel URL. You can reach out to our Magento experts in that situation.
In addition, our blog and knowledge base are excellent resources for learning how to tighten your end-to-end Magento security.