Magento Open Source, 1.9.x
Using a Custom Admin URL

As a security best practice, Magento recommends that you use a unique, custom Admin URL  instead of the default “admin” or the often-used “backend,” Although it will not directly protect your site from a determined attacker, it can reduce exposure to scripts that try to break in to Magento sites.

Check with your hosting provider before implementing a custom Admin URL. Some hosting providers require a standard URL to meet firewall protection rules.

In a typical Magento installation, the Admin URL and path is immediately below the Magento base URL. The path to the store Admin is one directory below the root.

  • Default Base URL
  • Default Admin URL and Path

Although it is possible to change the Admin URL and path to another location, any mistake removes access to the Admin, and must be corrected from the server.

As a precaution, do not try to change the Admin URL by yourself unless you know how to edit configuration files on the server.