Using a Custom Admin URL

As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access.

Check with your hosting provider before implementing a custom Admin URL. Some hosting providers require a standard URL to meet firewall protection rules.

In a typical Magento installation, the Admin URL and path is immediately below the Magento base URL. The path to the store Admin is one directory below the root.

  • Default Base URL: http://yourdomain.com/magento/
  • Default Admin URL and Path: http://yourdomain.com/magento/admin

Although it is possible to change the Admin URL and path to another location, any mistake removes access to the Admin, and must be corrected from the server.

As a precaution, do not try to change the Admin URL yourself unless you know how to edit configuration files on the server.

Method 1: Change from the Magento Admin

  1. On the Admin sidebar, go to Stores > Settings > Configuration.

  2. In the left panel, expand Advanced and choose Admin.

  3. Expand Expansion selector the Admin Base URL section.

  4. Set the configuration options for the custom URL:

    Advanced configuration - Admin base URL Admin Base URL

    If needed, clear the Use system value checkbox to change the setting.

    • Set Use Custom Admin URL to Yes.

    • Enter the Custom Admin URL: http://yourdomain.com/magento/

      The Admin URL must be in the same Magento installation, and have the same document root as the storefront.

    • Set Custom Admin Path to Yes.

    • Enter the Custom Admin Path.

      The path that you enter is appended to the Custom Admin URL after the last forward slash.

      sample_custom_admin

  5. When complete, click Save Config.

  6. After the changes are saved, Sign Out of the Admin. Then, log back in using the new Admin URL and path.

Method 2: Change the Admin Path from the server command line

  1. Open the app/etc/env.php file in a text editor, and change the value of the frontName parameter of the backend section. Then, save the file.

    Make sure to use only lowercase characters.

    This method allows you to change the Admin Path, but not the Admin URL.

    • Default Admin Path
       'backend' => [
        'frontName' => 'admin'
       ],
      
    • New Admin Path
       'backend' => [
           'frontName' => 'backend'
       ],
      
  2. Use one of the following methods to clear the Magento cache:

    • On the Admin sidebar, go to System > Tools > Cache Management. Then, click Flush Magento Cache.
    • On the server, execute the following:
       php bin/magento cache:flush
      

    Note that the changes made using the Method 1 will have the priority over the changes made in the app/etc/env.php file.

Restore the default Admin URL and Admin Path

In case you have set an invalid Admin URL or an Admin Path and lost access to the backend, there is a way to fix this from the command line.

  1. Execute this command to revert to the default Admin URL

    php bin/magento config:set admin/url/use_custom 0
    
  2. Execute this command to revert to the default Admin Path (set in the app/etc/env.php as described in the Method 2)

    php bin/magento config:set admin/url/use_custom_path 0
    
  3. Use one of the following methods to clear the Magento cache:

    • On the Admin sidebar, go to System > Tools > Cache Management. Then, click Flush Magento Cache.
    • On the server, execute the following:
       php bin/magento cache:flush