Using a Custom Admin URL

As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access.

Check with your hosting provider before implementing a custom Admin URL. Some hosting providers require a standard URL to meet firewall protection rules.

In a typical Magento installation, the Admin URLĀ and path is immediately below the Magento base URL. The path to the store Admin is one directory below the root.

  • Default Base URL:
  • Default Admin URL and Path:

Although it is possible to change the Admin URL and path to another location, any mistake removes access to the Admin, and must be corrected from the server.

As a precaution, do not try to change the Admin URL by yourself unless you know how to edit configuration files on the server.

Method 1: Change from the Magento Admin

  1. On the Admin sidebar, go to Stores > Settings > Configuration.

  2. In the left panel, expand Advanced and choose Admin.

  3. Expand Expansion selector the Admin Base URL section.

  4. Set the configuration options for the custom URL:

    Advanced configuration - Admin base URL Admin Base URL

    If needed, clear the Use system value checkbox to change the setting.

    • Set Use Custom Admin URL to Yes.

    • Enter the Custom Admin URL:

      The Admin URL must be in the same Magento installation, and have the same document root as the storefront.

    • Set Custom Admin Path to Yes.

    • Enter the Custom Admin Path.

      The path that you enter is appended to the Custom Admin URL after the last forward slash.


  5. When complete, click Save Config.

  6. After the changes are saved, Sign Out of the Admin. Then, log back in using the new Admin URL and path.

Method 2: Change from the Server Command Line

  1. Open the app/etc/env.php file in a text editor, and change the name of the [admin] path. Make sure to use only lowercase characters. Then, save the file.

    On the server, the admin path is located in the app/etc/env.php file. Look for the <adminhtml> argument in the <admin> section:

    • Default Admin Path

         # <frontName><![CDATA[admin]]></frontName>
    • New Admin Path

         # <frontName><![CDATA[backend]]></frontName>
  2. Use one of the following methods to clear the Magento cache:

    • On the Admin sidebar, go to System > Tools > Cache Management. Then, click Flush Magento Cache.
    • On the server, navigate to the var/cache folder and delete the contents of the cache folder.