To this day, WordPress is one of the best blogging software and thousands of bloggers use it to run their blogs. If you have installed WordPress in the root of your domain, there are a couple of reasons to move the core WordPress files to a custom directory of your site.
Why Move the Core WordPress Files to Another Directory
Lots of hackers and spammers are always trying to find holes in your website. They try all sorts of things to gain unauthorized access to your blog. The more popular your blog is, the more prone it is to the hackers. Hence, you should take good care to secure your WordPress blog and make it really difficult for hackers to hack your site.
Moving the core WordPress files to another directory will ensure that no one else can guess the location and URL of login links, wp-admin or wp-includes folder.
Steps to Move the WordPress Files out of Root Directory
If you have your WordPress files in the root directory, follow these simple steps to move them out:
1. First, take a safe back up of your WordPress installation. This is to ensure that you can restore the settings, if something goes wrong.
2. Next, log in to the FTP account of your webhost and create a new directory in your website. The directory can be anywhere, some of the examples may be
Don’t use the name of the directory as WordPress. The main idea is to secure your blog from hackers, and WordPress is a very common term which anyone can guess.
3. Open your FTP account and download all the core WordPress files from the root directory of your site. This includes backing up the following:
– wp-admin directory
– wp-includes directory
– wp-content directory
– All the other WordPress files – wp-config.php, index.php, wp-activate.php, wp-atom.php,wp-blog-header.php,wp-comments.php and so on. See entire list
4. Once you have downloaded all the files, upload them to the custom directory you created in step 2. This would take some time, be patient and check for partial or failed uploads very carefully.
5. Do not delete the older files now ( those in your root directory). You can always delete the older files later.
6. Log in to your WordPress administration area and go to Settings > General. In the WordPress address field, enter the location of the directory as shown below:
Keep the Site address field the same as the homepage of your blog.
7. Click Save Changes. You may see some errors messages and your blog’s homepage may go blunt but that’s easily fixed in the following steps.
8. Download the index.php from your site’s root directory and open it with a text editor. Find the following line
and change it to:
Example: If you have uploaded your core WordPress files to www.yoursite.com/files/core, you have to enter the following line
6. Upload the index.php file to your root directory again. You will have to overwrite the earlier index.php file.
That’s it, you have just moved your WordPress core files to a safe location. The new login link would be www.yoursite.com/yourdirectory/wp-login.php
Deleting the older Files
Once everything is fine and you have safely moved the WordPress files to a newer location, it’s time to get rid of the older WordPress files and directories that are lying in your domain’s root.
Keep the index.php and .HTACCESS file in your domain’s root and delete all the other files and directories. This includes deleting the wp-admin, wp-includes and other WordPress files (see check list)
1. Do not delete the Wp-content/uploads directory, if you have uploaded the images to the default wp-content directory from the day you started writing your blog. Deleting the older Wp-content directory will delete the images and your older posts will show broken images. This is the reason why you should always upload images to a sub-domain.
2. Do not place login links and other meta information in your site’s theme. Anyone can guess the location of your WordPress installation directory using the Login link from your site’s theme.
Do you use a custom directory for WordPress files? Or do you leave them in the root itself? Share your ideas in the comments.