As we all know, wordpress System Default background login interface address for domain name/wp-login.php directly expose the background to visitors with ulterior motives is very insecure. Because there are too many brute force tools, you may be tempted at any time. Of course you can use plug-ins. There are too many plug-ins. To avoid direct exposure of the background to the eyes of others, we can make some changes to the wp-login.php :) change the wp-login.php file open the wordpress root directory find the wp-login.php file open in the editor around 55 lines find the following code if ($ shake_error_codes & $ wp_error-> get_error_code () & in_array ($ wp_error-> get_error_code (), $ shake_error_codes) add_action ('login _ head', 'wp _ shake_js', 12);?> Add a piece of code under the Code <? Phpif ($ _ GET ["name"]! = "Alex") {header ('location: http://www.baidu.com/') ;}?> Then, access the logon page and try again. Will it jump to the 404 page of Baidu ~~~ Mo worried background address becomes a wp-login.php? Name = alex where if ($ _ GET ["name"]! = "Alex") {the parameter can be modified by yourself to make the background address look what you want, and then OK ~~