Support

Components, Admin Tools, Web Application Firewall, Configure WAF, Basic Features tab.

It is the “Change administrator login directory to” option.

Please note that this is an unsupported feature. Also keep in mind that it merely prevents you from accessing /administrator until you visit the custom directory. For example, if your site is www.example.com and the option is set to foobar you need to visit www.example.com/foobar first. This sets a cookie in your browser which allows you to access /administrator. Joomla does not support completely renaming the administrator folder; that would cause all sorts of problems in Joomla itself and third party extensions.

According to our tests it works the same on Joomla 4 as it works on Joomla 3. What we do does not change with the Joomla version, it depends on the URL routing, secure tokens and cookies which have not changed since Joomla versions 1.5, 3.7 and 1.0 respectively.

Please remember that if you use non-www to www redirection (or vice versa), you need to visit your site's administrator using the canonical domain name. So, for example, if you have non-www to www redirection and your site is accessible as both www.example.com and example.com you MUST visit your administrator login page as www.example.com/administrator. We only set cookies for the domain name we are in and that's on purpose, not laziness. This prevents a situation where you have two sites in two different subdomains, e.g. site1.example.com and site2.example.com, interfering with each other's changed admin login URL cookies.