Developed exclusively for WordPress sites, our managed hosting solution provides dedicated memory and storage space in highly configured Virtual Private Servers for each site hosted.

If you are not using WPMU DEV hosting, learn more about pricing, what’s included, and how to get started free.

Not sure if WPMU DEV Managed WordPress hosting is right for you?

Want to compare how to set up and self-manage a VPS hosting environment yourself? Check out Optimized WordPress Hosting: DIY or Managed? on our blog.

1.1 About Free Sites

Copy chapter anchor to clipboard

Depending on your WPMU DEV membership plan, it may include hosting credits that can be applied toward the cost of sites hosted with us.

We do this by applying a hosting credit to your membership account that can be used to defer the per-site costs associated with whatever hosting plan you choose.

You can see more about our pricing on the Hosting Overview page. See also How WPMU DEV Hosting Credits Work for details on how hosting credits are applied.

NOTE: Archiving Unused Sites

Efficient allocation of resources is one of the ways we keep costs down for all members. Therefore, free sites will be archived after 21 days unless a permanent domain has been added to the site and set as the Primary domain, and the site’s Hub has been visited at least once. Members are notified by email at least seven days before a site is archived and can prevent that from happening for another 21-days simply by clicking a link in that email. There is no limit to the number of times members can extend that 21-day period and sites that have been archived can be reactivated within 30 days by contacting support, or see Restoring a Deleted Site below.

1.2 Creating a New Site

Copy chapter anchor to clipboard

All members, including those on an introductory free trial, whose sites are hosted by WPMU DEV can create and manage new hosting sites in from The Hub.


WPMU DEV members are authorized up to 10 free email accounts that can be configured in minutes to display the member’s domain in the email address. See our Email Hosting product page for details.

From the Hub 2.0 site overview screen, click the Add a website (+) icon.


Click the Create site button under the Create new module to create a brand new site hosted with WPMU DEV.


Choose your temporary destination and click the blue arrow button to continue.


Enter your desired admin credentials on the Create WordPress Administration Account screen and click the blue arrow button to continue.


Choose where you would like your site hosted. For best performance, select a location closest to the majority of your visitors. See the Locations & Regions chapter below for more info.


Important Information:

  • Your ‘Site Title’ can be changed at any time in the future.
  • Your ‘Temporary Destination Domain’ CANNOT be changed in the future without using the site migration tool. This is the link you will use to access the site before you configure DNS and choose a final primary domain.
  • Your ‘WordPress admin’ user information can be changed in the future. Do remember the password you set in order to access the WordPress Dashboard once the site is ready. If you lose it, you can always do a password reset by email.
  • The ‘Server’ location CANNOT be changed in the future without changing DNS information or migrating your site. The best idea is to always choose the location closest to where the majority of your site’s visitors are located.
  • You can convert a single site to a ‘Multisite’ network in the future, but it is much more challenging to go the other way.
  • To prevent phishers/hackers, we do not allow the following to be part of temp domains: ‘agric’, ‘securip’, ‘apple’, ‘google’, ‘gmail’, ‘netflix’, ‘paypal’, ‘amazon’, ‘billing’, ‘netfix’, ‘bill-‘, ‘-bill’, ‘credit-‘

1.3 Migrating An Existing Site

Copy chapter anchor to clipboard

Sites can be migrated to WPMU DEV hosting using our migration tool or by manually transferring files using sFTP/SSH and phpMyAdmin. We recommend using the migration tool because it simplifies and accelerates the process and automatically resolves issues that occasionally interfere with a smooth migration.

If you run into any trouble, just start a live chat or create a support ticket, and our team will help get your site moved. See Manual Migration by WPMU DEV Staff below for more info on that.


When migrating a site that has tracking codes like Adsense, you may want to temporarily remove those codes from the duplicate site created here to avoid any possible tracking errors or penalties due to duplicate codes on different domains. Once you’ve got everything set up on the new site here and have adjusted DNS for the domain name, you can add those tracking codes back on your new site created here.

1.3.2 Manual Migration by WPMU DEV Staff

Link to chapter 3

As a WPMU DEV member, you can also request that we manually migrate your site in case the above options don’t work for you. We can migrate either directly from the server where your existing site is currently hosted, or by using a full and complete backup of your existing site that you provide.

To get your migration done by our staff, you’d need to provide the following required information for either method to our live chat support superheroes.

They will then create the needed support ticket for you, and our hosting support techs will get the migration done. You’ll be notified in your support ticket once the migration is finished.

Info required for manual migration

From server

  1. Admin login credentials to your existing WordPress site (if Multisite please provide Super Admin details):
    • Admin Username
    • Admin Password
    • Login URL
  2. FTP credentials to your existing WordPress site:
    • Hostname
    • Username
    • Password
    • Port
    • Key-File (and password) if needed
  3. Server admin credentials to your existing WordPress site (cPanel, Plesk or equivalent at your current host):
    • Username
    • Password
    • Login URL
  4. Destination Environment
    • WPMU DEV Hosting temporary * URL (can be an existing WPMU DEV hosted site you wish to overwrite, or a brand new one you create before requesting the migration)

From backup

  1. A full backup of your existing WordPress site (.zip, .tar.gz etc)
    • Must include all site files and export of your database (.sql file)
  2. Destination Environment
    • WPMU DEV Hosting temporary * URL (can be an existing WPMU DEV hosted site you wish to overwrite, or a brand new one you create before requesting the migration)

Supported Migrations & Conversions

It’s important to note that some types of migrations are out-of-scope and cannot be handled by our support or hosting staff. Following are the types of manual migrations/conversions that we can and cannot do for you.

  1. Supported migrations
    • Yes – If Single site -> Single site
    • Yes – If Multisite -> Multisite
  2. Supported conversions
    • Yes – If Single site -> Multisite
    • Yes – If Subsite -> Single site (you should expect to need to perform some cleanup in the converted site, and there may be configuration issues for some plugins due to conversion)
    • Depends – If Multisite -> Single site (supported only if there’s just a main site, without subsites)
    • Depends – If Subdomain -> Subdirectory (supported only if there’s just a main site, without subsites)
    • Depends – If Subdirectory -> Subdomain (supported only if there’s just a main site, without subsites)
  3. Not supported – Out of scope
    • No – If Single -> Subsite (3rd party developer required for this type of migration)
    • No – If Subsite -> Subsite (3rd party developer required for this type of migration)

The Connect module on the Hub 2.0 Getting started screen is used to Connect sites not hosted with WPMU DEV in The Hub. For more information, visit our full documentation on connecting your site to the Hub.

The Clone a site module in the hosting getting started wizard allows you to quickly set up new websites with your favorite plugins, theme, and configuration options from a template.

Click the Clone Site button and follow the clone module guide to make a copy of an existing site or use one of our pre-configured templates.

For guided information on using Clone to set up and use templates on your WPMU DEV hosting account, visit the Cloning Sites documentation.

1.6 Locations & Regions

Copy chapter anchor to clipboard

Members are free to choose the region in which their data is stored. We are currently partnered with DigitalOcean and Linode, and maintain regional hosting facilities in the following locations:

  • Australia (Sydney)
  • Canada (Toronto)
  • Germany (Frankfurt)
  • India (Bangalore)
  • Japan (Tokyo)
  • Netherlands (Amsterdam)
  • Singapore
  • United Kingdom (London)
  • USA East (New York City)
  • USA West (San Francisco)
How Much Does Server Location Matter?

At WPMU DEV, we’re always looking for ways that we can provide the best opportunity for a blazing-fast site, which means setting up data centers in strategic locations. In this case, we decided to test out just how much the addition of the data center in Australia impacted load times for an audience there. Check out our blog, Timed & Tested: Shave Seconds Off Your Load Time to read more about the results.

Changing Regions

The easiest way to migrate a site from one hosting region to another is by using our Clone tool in the Hub. For details on how to do that, please see the Migrate a Site to a New Region chapter in the Cloning Sites documentation. You can also request a Manual Migration by WPMU DEV Staff as detailed above.

Members are free to migrate sites from one region to another at any time but should be aware that our hosted backups are regionally isolated and cannot be migrated with the site. Members should download any hosted backups they wish to preserve before initiating the migration. Hosting backups cannot be accessed from a different region, and we cannot move them for you after the fact.

Also, migrating a site to a new region will require the assignment of a new dedicated IP address, so all DNS settings will have to be reconfigured, including any IP address-dependent plugins or integrated apps.

Finally, there is downtime to consider. The original site will cease to function the moment the migration begins. The time required for the migration depends on the size of the site or sites being moved, and once the site is up in its new region, how long it takes to reconfigure its plugins and apps depends largely on the skill of the admins.

1.7 Plans & Usage Limits

Copy chapter anchor to clipboard

Each site that we host gets its own plan, complete with its own dedicated memory, CPUs, storage, and usage limits.

See all plans and specs here.

WPMU DEV vs. Other Hosting Services

Curious about how our hosting holds up against other popular hosting services on the market? Well, even if you weren’t curious, we definitely were! So, we decided to put them all to the test and thought we’d clue you in on exactly how we did that – full transparency. Check out How to Accurately Test Your WordPress Host for more information on the tests we conducted and what online resources we used.

You can upgrade plans at any time. You can also downgrade a plan at any time. However, please note that downgrading more than one level may require a DNS change that only our support team can accomplish manually. This is because of technical limitations around storage space in the environment. In these cases, we’ll set up a new hosting environment at the desired plan and manually migrate the site’s files and content over.

We do not set hard limits on visits, bandwidth, or traffic, but we do provide recommended visit levels for each plan to help you determine which plan will be right for you. Your site will have lower performance, including brief outages, when your memory and CPU resources are maxed out.

Factors that might use more resources and thus require you to upgrade:

  • WordPress Multisite – Multisite networks are more taxing on server resources, especially Subdomain installs and those Multisite where you will have many logged-in users.
  • Membership Sites – Membership sites receive a higher percentage of traffic where users are logged in, which means that caching systems in place are not as helpful in managing their load.
  • e-Commerce Sites – Similar to Membership sites, increased logged-in activity for checkout can cause a higher server load.
  • Poorly coded themes or plugins – Some themes and plugins just aren’t as efficient for performance as others. They may also add features that require higher processing loads.

You will notice that each hosting plan offers a different number of shared vCPUs. These virtual CPU cores play a key role in determining your site’s performance. However, it is important to note that performance is controlled by more than just the number of vCPUs and simply having more vCPUs will not necessarily improve your performance. Your site will also be heavily affected by the dedicated RAM and so the balance between RAM and vCPUs is worth noting. All of our hosting plans have been allocated specific RAM and vCPUs with that ratio in mind.

Also note that if a theme or plugin is so poorly coded that it slows your site to a crawl, or is throwing fatal errors, upgrading your plan would likely not improve performance until those issues are investigated and resolved.

1.7.1 Bulk Hosting Discounts

Link to chapter 7

Are there discount rates available for bulk hosting with WPMU DEV dedicated managed WordPress hosting? Yes, WPMU DEV has discount rates available for agencies or users with 20+ websites.

To learn more about bulk pricing, contact support, or start a live chat to discuss discount options.

Hosting Discounts Rates:

  • Are for users with more than 20 sites
  • Are based on volume (the more sites you have on your account, the better the rate we can offer.)

1.8 WordPress Multisite

Copy chapter anchor to clipboard

Unlike many hosts, we support (and encourage!) the use of WordPress Multisite on all plans.

However, you should be aware that WordPress Multisite networks will use more server, CPU, and memory resources than standard WordPress single installs. So, if you have more than a handful of sites, you might find you need one of the higher plans to meet your WordPress Multisite network’s needs.

Subdirectory installations (i.e., can be created by you in your Hosting Hub.

Subdomain installations (i.e., require manual work from our support team. Before converting or migrating a WordPress Multisite subdomain install, we need to be sure that you are able to:

  1. Configure wildcard DNS for the desired domain with your domain registrar
  2. Provide us with a wildcard SSL certificate for the desired name.

Please contact support to start the process for a subdomain install.

1.9 Modifying Size and Type Limits

Copy chapter anchor to clipboard

This guide covers how to safely modify the WordPress default limits on the size and type of files that can be uploaded to the media library.

After reading this guide, if you still have questions regarding file upload limits or you need help setting the right limits for your site, you can always start a Live chat with our hosting support Superheroes or submit a support ticket using the Support tab of your WPMU DEV Dashboard.

WPMU DEV Support tab

WPMU DEV Max Upload File Size

The maximum file upload size for all WPMU DEV-hosted sites is 128Mb, regardless of hosting plan. Members can restrict the size of uploaded files, but the maximum size cannot be increased.

This cap should be more than enough for most sites, and is set on our managed WordPress hosting to limit the potential of attacks that can exploit large file size limits with huge post requests and overload your server.

Files larger than 128Mb should be uploaded by SFTP/SSH. See our SFTP & SSH documentation for information on how to upload large files.

To view the current maximum upload size for any site, navigate to the WordPress media uploader: Dashboard > WP Admin > Media > Add New. The upload size limit will be displayed at the bottom of the UI.

How to check max file upload limit

WordPress Default File Types

Members can add or remove file types from the allowed upload list as needed but should keep in mind that each added file type creates a potential security risk for your site or network. We recommend that you add only those file types you need.

WordPress allows uploading of these file types by default:

Images: jpg, jpeg, png, gif, ico
Documents: pdf, doc, docx, ppt, pptx, pps, ppsx, odt, xls, xlsx, psd
Audio: mp3, m4a, ogg, wav
Video: mp4, m4v, mov, wmv, avi, mpg, ogv, 3gp, 3g2

1.9.1 Multisite Upload Limits

Link to chapter 9

Multisite admins can adjust both the file size and file type limits in their Network Settings, located here: Dashboard > Network Admin > Settings > Network Settings.

Multisite file size and type limits

Scroll down to the Upload Settings section, where you will find the Upload file type and Max Upload File Size fields.

Upload Setting Multisite

Adding/Removing File Types in Multisite

In the Upload file types field, enter the file extensions of the file types you want to add, separating the extensions with a single space. Delete the extensions of file types you do not want to be uploaded.

Modifying file type and size limits

Modifying the File Size Upload Limit in Multisite

In the Max Upload File Size field, enter a size, in kilobytes, up to 12800kb (128mb) to set the max size for files uploaded to this network.

Click Save Changes, and that’s all there is to it. The new file size limit will apply to every site within this network.

1.9.2 Standard Installation Upload Limits

Link to chapter 9

If you’ve seen the “Sorry, this file type is not permitted for security reasons” error message; you’ve tried to upload a file type that is not on your site’s upload allowed list or has failed a WordPress security validation test.

Failed file type security validation

Adding/Removing File Types in Standard Installations

We’re going to show you how the plugin WP Extra File Types can resolve either issue. The first thing to do is install and activate the plugin.

While we’re at it, we will show you how to use this plugin to identify why a file might trigger a security validation error, information that will be helpful if a particular file type or a particular user experiences ongoing upload issues.

Get WP Extra File Types

WP Extra File Types plugin

Once you’ve installed the plugin, you’ll find a new option, Extra File Types, in your site’s Settings tab, located here: Dashboard > Settings > Extra File Types.

Locating the WPEFT plugin menu

Click Extra File Types UI, and you will see a list of hundreds of file types from which to choose.

WPEFT plugin overview

You will also see two checkbox options, shown below. Do not select either of these boxes yet. Selective use of these options can help identify why a file triggered the upload error.

WPEFT optional features

Select the file type(s) you wish to add to the allowed list and then scroll to the bottom of the UI to click Save Changes.

WPEFT Save Changes button

Try to upload the problem file again, and if the upload succeeds, great! This means the file was simply not on the allowed list, and now it is. You and your users can now upload that file type as needed.

If the file triggers a validation error again, return to the WP Extra File Types UI, and select the Check only file extensions option shown below. Leave Skip WordPress checks unchecked, and click Save Changes. If the file is failing WordPress’s MIME type validation, this option will bypass that check without disabling other security measures.

WPEFT Check only file extensions button

Try to upload the problem file again, and if the upload succeeds, great! This means there was an issue with the file’s MIME type. Otherwise, the file was deemed safe to upload.

If the file triggers a validation error with Check only file extensions enabled, it’s time to consider whether you are certain the file is valid and not harmful. If you are uncertain, we recommend not uploading the file.

If you are certain the file is valid and not harmful, return to the WP Extra File Types UI. Uncheck the Check only file extensions option, and check the Skip WordPress checks option. Save your changes.

WARNING: Selecting this option will disable all WordPress upload security measures, and should only be used to upload files you are certain are not harmful. Leaving this option enabled allows users to upload any file type to your site, including potentially harmful files. You should disable this option when you are not actively troubleshooting an upload issue.

WPEFT Skip WordPress checks option

Try to upload the problem file again. If the upload fails with WordPress checks disabled, it is likely that the issue has nothing to do with the file type, and you should contact support for help troubleshooting the problem.

Adding Custom File Types in Standard Installations

You also can use WP Extra File Types to add file types not included with the plugin’s preset list. To do this, scroll to the bottom of the UI where you will find the Add your custom file types panel. Click the plus sign (+) to open the interface.

Adding custom file types to WPEFT

This will open up a table of fields where you must specify a file format by completing the Description, File Extension, and MIME Type fields. The Internet Assigned Numbers Authority (IANA) is responsible for all official MIME types, and you can find the information required for these fields on their Media Types page. Click Save Changes before returning to the media uploader.

1.9.3 Standard Installation Upload File Size

Link to chapter 9

Install the Increase Maximum Upload File Size plugin to make this task as easy as it can be.

Once the plugin is activated, Increase Maximum Upload File Size will appear as a new option near the bottom of your Admin Menu. Click the link to open the plugin.

WPIFS in the Admin menu

The plugin contains a single dropdown menu. When you open the UI for the first time, it will display your current max upload file size.


Click the dropdown menu to view the menu of various upload size limits. Setting a file size larger than 128MB will not override the 128MB max upload limit. Select the desired upload limit and click Save Changes.

Increase file size drop-down menu

Once a limit has been set, the plugin displays both the WPMU DEV Managed Hosting default limit of 128mb and the lower limit established by the plugin.

Choose file size limit WordPress

1.10 Getting .htaccess Support

Copy chapter anchor to clipboard

Our servers run NGINX, the fastest, most stable webserver type, and NGINX does not support .htaccess. Members accustomed to using .htaccess to enable or disable functionality needn’t worry. However, because all the functions typically associated with it are automatically handled by our servers.

Servers with the AllowOverride directive on, a prerequisite for .htaccess files, process requests at a much slower rate than NGINX servers. In fact, NGINX servers process many more requests per server than their Apache counterparts in large part because they don’t support .htaccess.


If your site has a .htaccess file in the root directory, WordPress or a plugin might attempt to write to that file when configurations change, but this is not a problem as our servers will simply ignore that file.

Some of the common uses for .htaccess that our servers automatically achieve are:

  • Permalinks – Our servers are configured to automatically handle permalinks for you.
  • Caching – Our servers handle caching for you, no need to install plugins or modify .htaccess files.
  • Redirects/rewrites – Redirects can be handled using a plugin or via custom server-side redirects that WPMU DEV support can install for you.
  • Security – Many WordPress security plugins have you modify the .htaccess file to install security rules. Fortunately, WPMU DEV hosting already has these security precautions in place at the server level.

Regardless of what you’re trying to achieve, if you’re doing it with .htaccess, then you’re probably doing it wrong. Instead, contact our support Superheroes, and they will help you figure out how to implement the same thing without creating or modifying a .htaccess file.

1.11 Getting nginx.conf Support

Copy chapter anchor to clipboard

As noted in the previous chapter, our server architecture is built on Nginx which does not support .htaccess. However, there may be times when you need some custom rules added to your server, to handle some plugin functionality for example.

As our system is managed WordPress, you do not have root access to the server, so cannot make those changes yourself.

In cases like this, simply contact our support superheroes via live chat or submit a support ticket using the Support tab of your WPMU Dev Dashboard, and we’ll be happy to make those changes for you.

create a new support ticket
Navigate to WPMU DEV DASHBOARD > SUPPORT > NEW TICKET to create a support ticket.

1.12 Restoring a Deleted Site

Copy chapter anchor to clipboard

A WPMU DEV hosted site can be deleted for any of the following reasons:

  • Automatically via CRON – If a site is unused, it gets automatically archived after 21 days as noted in the About Free Sites chapter above.
  • Deleted manually – You are free to delete any of your sites at any time.
  • WPMU DEV membership expired – If your membership at WPMU DEV expires, your hosted sites would also expire.

If you wish to restore a deleted site, the process is quite simple but it must be done within 30 days from the time it was deleted.

  1. Create a site while logged-in with the same WPMU DEV account, using the same temporary name & region as the original site.
  2. You’ll then see the backups of the original site available under the Hosting > Backups tab. Restore one of the available backups within 30 days, and your site will be live again.

1.13 Customizing Error Pages

Copy chapter anchor to clipboard

If you’re hosting your site(s) with WPMU DEV, and we certainly hope you are, you can take white labeling to another level by customizing server error pages with your brand, or any custom information you may want.

So, for example, if you’re not too enthusiastic about our default error 500 page:

Default WPMU DEV error 500 page

You could create something much more suited to your brand:

Customized error 500 page example

1.13.1 Available error pages

Link to chapter 13

Here are the error pages that can be customized to suit your needs:

Client error pages

401.html – Displays if the site has password protection enabled and the HTTP Auth form is dismissed by the user.

Default WPMU DEV error 401 page

402.html – Displays if the site is suspended due to required payment on your account.

Default WPMU DEV error 402 page

404.html – Displays when the URL or page requested by the user cannot be found.

Default WPMU DEV error 404 page

410.html – Displays if the requested page has been deleted permanently.

Default WPMU DEV error 410 page

429.html – Displays to a user/IP if they’re attacking /wp-login.php or /xmlrpc.php (see Bruteforce Attack Protection below).

Default WPMU DEV error 429 page

Note that the 403 error page that displays if a connection is forbidden, possibly via a WAF rule, cannot be customized as it is built into Nginx.

Server error pages

500.html – Displays if there is an internal server error.

Default WPMU DEV error 500 page

502.html – Displays if your server gets an invalid response from another web server.

Default WPMU DEV error 502 page

503.html – Displays if the server is currently unable to handle your request due to scheduled maintenance or a temporary overload.

Default WPMU DEV error 503 page

504.html – Displays if the server timed-out handling your request due to a temporary overload or a long-running script.

Default WPMU DEV error 504 page

1.13.2 How to customize

Link to chapter 13

To create a custom page for any of the above errors, create a .html file with the error number as the filename, with any content you wish inside. Then upload it to the root of your WordPress install.

For example, to create a custom error page in the unlikely case something goes wrong on your server and you get the dreaded “500 internal server error”, you’d create a file called 500.html

Add any custom HTML content you like to your file, and upload. You can use the Manage Files utility from your Hub > Tools screen to create and add content to the file, or edit on your computer and upload via the File Manager or FTP.

Upload location for custom error page files

Here’s an example of the basic HTML you’d want to have in any custom error page:

Your custom pages can be as simple or as creative as you like, and branded however you need. If you need some inspiration, have a look at these pages for some great examples:

1.13.3 More whitelabeling options

Link to chapter 13

Our White Label services allow you to remove all WPMU DEV branding so that you can use your own branding or even your client’s branding. This is largely offered as a tool through our WPMU DEV Dashboard Plugin. For a guide to rebranding with the WPMU DEV Dashboard Plugin, read our White Label Plugins document.

The process of white labeling your site is also closely linked to our Branda plugin. Branda simplifies white label branding, maintenance, and much more. Read our WPMU DEV documents on Branda to learn more about the plugin’s capabilities.

And if you’re using our Hub Client plugin to offer all the amazing site management tools of our Hub to your clients, you’ll want to review the Hub Client documentation as well.

1.14 Bruteforce Attack Protection

Copy chapter anchor to clipboard

All sites hosted by WPMU DEV have measures enabled at the server level to help prevent bruteforce attacks. This is to help ensure your site’s server never goes down due to a bot attack on the most commonly targeted WordPress URIs: /wp-login.php & /xmlrpc.php

Those URIs are continuously monitored on our hosting, and if either of them receives more than 1 request every 2 seconds (30 requests/min) from a single IP address, rate limiting will be applied automatically to block access to any user with that IP, and a 429 error page will be displayed to that user.

Default WPMU DEV error 429 page

This will throttle the connections a bit and help avoid having the server instantly go down due to an attack. If the connection is throttled 30 times within the last 30 minutes, then the attacking IP will be banned for 1 hour to help even more.

Any such 429 error will be logged by your server and can be viewed in the Access Logs in your Hub.

You can customize and brand the Error 429 page if you wish, just like any other default server error page, by following the directions in the Customizing Error Pages chapter above.

Note that only the URIs noted above are monitored, and rate-limited if attacked. For example, if you have modified your wp-login.php slug using the Mask Login feature in Defender, and that custom slug is discovered and attacked by a malicious bot, your custom login would not be protected by these measures. We, therefore, recommend that any such custom login not be too obvious; don’t make it easy for bad actors to guess.

Also note that, while these measures can help mitigate the effects of DoS/DDoS attacks, they should not be considered as full protection for such attacks. You may want to consider using the robust protection options offered by CloudFlare for that.