What does this plugin actually HIDE?

I was thinking the same. Are the bots able to find the wp-login.php anyway?

Would be great to discuss how or why some sites redirect to the defined url while others provide a 403 as explained in the FAQ.

The good news, I found a way to use my own login form vs the built-in one.

1) I used this plugin to hide the default url and I confirmed a 403 result instead of a redirect (not sure why it was redirecting on another site, maybe another plugin or the underlying theme, or maybe WooCommerce sites automatically do this as I know it filters the login url)

2) The new Url I used is actually just some random string that I will never actually use.

3) I then created a page slug that matches the desired login url, my custom php page template and my custom login form loads and works just fine without showing the default look.

Thus your plugin hides the default url while my theme provides the custom login url. Cheers!

I’ve installed two different security plugins and I’ve realised that day by day I have few attempts to login to my website. So WPS Hide Login seriously doesn’t hide login page and hackers has the way to display the login page… So I now dunno what to do. I want to completely hide login page that nobody else will have access to it.