Using a Custom Admin URL

As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default “admin” or a common term such as “backend”. Although it will not directly protect your site from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access.

Check with your hosting provider before implementing a custom Admin URL. Some hosting providers require a standard URL to meet firewall protection rules.

In a typical Magento installation, the Admin URL and path is immediately below the Magento base URL. The path to the store Admin is one directory below the root.

  • Default Base URL: http://yourdomain.com/magento/
  • Default Admin URL and Path: http://yourdomain.com/magento/admin

Although it is possible to change the Admin URL and path to another location, any mistake removes access to the Admin, and must be corrected from the server.

As a precaution, do not try to change the Admin URL by yourself unless you know how to edit configuration files on the server.

Method 1: Change from the Magento Admin

  1. On the Admin sidebar, click Stores.

  2. Under Settings, choose Configuration.

  3. In the panel on the left, under Advanced, choose Admin.

  4. Expand the Admin Base URL section. Then, do the following:

    Admin Base URL

    • Clear the first Use system value checkbox. Then, set Use Custom Admin URL to Yes.

    • Clear the next Use system valuel checkbox. Then, enter the Custom Admin URL: http://yourdomain.com/magento/

      The Admin URL must be in the same Magento installation, and have the same document root as the storefront.

    • Clear the next Use system valuel checkbox. Then, set Custom Admin Path to Yes.

    • Clear the next Use system valuel checkbox. Then, enter the Custom Admin Path.

      The path that you enter is appended to the Custom Admin URL after the last forward slash.

      sample_custom_admin

  5. When complete, click Save Config.

  6. After the changes are saved, Sign Out of the Admin. Then, log back in using the new Admin URL and path.

Method 2: Change from the Server Command Line

  1. Open the app/etc/env.php file in a text editor, and change the name of the [admin] path. Make sure to use only lowercase characters. Then, save the file.

    On the server, the admin path is located in the app/etc/env.php file. Look for the <adminhtml> argument in the <admin> section:

    • Default Admin Path

       # <frontName><![CDATA[admin]]></frontName>
      
    • New Admin Path

       # <frontName><![CDATA[backend]]></frontName>
      
  2. Use one of the following methods to clear the Magento cache:

    • On the Admin sidebar, click System. Under Tools, choose Cache Management. Then, click Flush Magento Cache.
    • On the server, navigate to the var/cache folder, and delete the contents of the cache folder.