PHP wordpress wp-admin重写

Posted 2021-05-15

change secure-login to your desire url to call 
secure-login change in wp-login.php as well on your top most code


.htaccess file rules
==================

# BEGIN WordPress
<IfModule mod_rewrite.c>

RewriteEngine On
#RewriteBase /
#RewriteRule ^secure-login$ wp-login.php [L,NC,QSA]
RewriteRule ^admin$ wp-login.php [L,NC,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ./index.php [L]

</IfModule>

# END WordPress





copy past this code in wp-login.php put on very top most place
=====

session_start();
//See what file is being requested by the web client, also store the arguments just in case.
list($file,$arguments) = explode("?", $_SERVER['REQUEST_URI']);
//if the user just logged out, destroy this session and redirect them to root
if("/wp-login.php?loggedout=true" == $file ."?" .$arguments || "action=logout" == substr($arguments, 0, 13))
{ session_destroy(); header("location: /"); }
 
//If our sentinel variable is set and true do nothing, allow normal script execution
if(isset($_SESSION['valid_entrance']) && $_SESSION['valid_entrance'] == true) { /* As they say, "Silence is golden" */ }
 
//Now if the user is requesting wp-login.php and our sentinel is not true, redirect the "attacker" to root.
elseif(stripos($file, 'wp-login') && !isset($_SESSION['valid_entrance']))
{  header("Location: /"); exit(); }
 
//If the user is requesting the right login entrance set the sentinel to true
elseif ($file == "/admin")
{  $_SESSION['valid_entrance'] = true; }