I have a clent who would like to obfuscate the URL endpoints to discourage bot activity that targets stock Magento installations.
So, for example, the URL:
would be more like:
This can't just be a redirect, because the old URL must not work in any way to prevent bots from trying to hit it. So, any attempts at the stock Magento URL need to fail without exception, and only the customized URL will work.
What's the best way to tackle this?
You probably would need to overwrite LoginPost.php in a di.xml file, deactivate this route with a NotFoundException and create a new route in a custom module that does the same as the old route.
But it's not recommended and I don't think this is necessary.
Log in to your Magento Admin Panel. On the upper right, click System>Configuration. From the main menu, under the General list, click Web. Open the Unsecure and Secure drop-down lists, locate the base URL line, and replace this with the new URL. mywakehealth.org