Personally, I don't recommend you to edit the .htaccess for the purpose. You can try this code, it works for me.
This code redirects to homepage whenever the default /wp-admin or /wp-login is accessed. You can set a passcode as the login URL and only allow wp-admin and wp-login access via this URL: https://www.yourdomain.com/?you-set-your-passcode
Add this code to the functions.php of your theme.
// define and set passcode that serves as login url.
define('PASSCODE','make-you-own-passcode');
function mask_login_url(){
// redirect to login page when passcode is verified
if( !is_user_logged_in() && parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY) == PASSCODE ){
wp_safe_redirect( home_url('wp-login.php?'. PASSCODE .'&redirect=false') );
exit();
}
// redirect to dashboard if user has already logged in
if( is_user_logged_in() && parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY) == PASSCODE ){
wp_safe_redirect( home_url("wp-admin") );
exit();
} }
add_action( 'init', 'mask_login_url');
function mask_login_redirects(){
if( isset($_POST['passcode']) && $_POST['passcode'] == PASSCODE) return false;
// redirects to dashboard when /wp-admin is accessed and user is logged in
if ( (is_user_logged_in()) && (strpos($_SERVER['REQUEST_URI'], 'wp-admin') !== false)) {
wp_safe_redirect( home_url("wp-admin"), 302 );
exit();
}
// redirects to homepage when /wp-admin or /wp-login is accessed and user is not logged in
if ( (!is_user_logged_in()) && ((strpos($_SERVER['REQUEST_URI'], 'wp-admin') !== false) || (strpos($_SERVER['REQUEST_URI'], 'wp-login') !== false)) && ( strpos($_SERVER['REQUEST_URI'], PASSCODE) === false ) ) {
wp_safe_redirect( home_url(), 302 );
exit();
}
// redirect to homepage after logout
if( strpos($_SERVER['REQUEST_URI'], 'action=logout') !== false ){
check_admin_referer( 'log-out' );
wp_logout();
wp_safe_redirect( home_url('?logged-out'), 302 );
exit();
} }
add_action( 'login_init', 'mask_login_redirects', 1);
// Add a passcode hidden field to login form
function custom_login_hidden_field(){
echo '<input type="hidden" name="passcode" value="'. PASSCODE .'" />';
}
add_action('login_form', 'custom_login_hidden_field');