WordPress.org

Ready to get started?Download WordPress

Forums

Stealth Login Page
Feature suggestion (reserved words) (5 posts)

  1. izzaboo
    Member
    Posted 7 months ago #

    I know you're swamped with other work. But wanted to make this suggestion before I forget it. And if it hasn't already been made...

    I like the url modification feature.

    I don't like what it does to the WordPress Lost password process.

    I'm wondering if it would be possible to have a set of reserved keywords (question and answers) that would be disallowed and if those were included in the wp-login.php?url=query they would be processed by wordpress, or other plugins, as thought SLP plugin was not active.

    That's my thought of the day.

    all best,
    Greg

    http://wordpress.org/plugins/stealth-login-page/

  2. Jesse Petersen
    Member
    Plugin Author

    Posted 7 months ago #

    That's some of the best feedback to date. Thank you. That would certainly be an interesting way to approach this problem.

    I'm not quite sure how to do that, but I am looking further into options to enable/disable the URL filtering for those situations/plugins so if someone has a member site, those still work (along with something up my sleeve that I want to explore).

    Essentially, I'm going to have to bring back the URL stealth for people, allow them to additionally add another code if they so choose, and have THAT URL and form appear when Heartbeat API times out because it currently attempts to bring up wp-login.php, which I've been able to unhook, so I need only filter it to use the stealth login since it would appear for those already in the dashboard.

  3. izzaboo
    Member
    Posted 7 months ago #

    wonder if there's some way to hook into the "?action=" query part of the wp-login.php.

    best of both worlds? only have to remember one secret word (or bookmark the URL) in addition to the password? then any call to wp-login.php w/o "?action=<secret answer>" would be be redirected?

    just a quick thought on my way to twelve other things.

    I need to learn more about wp-login and heartbeat API, me thinks.

    all best,
    Greg

  4. Jesse Petersen
    Member
    Plugin Author

    Posted 7 months ago #

    Yes, that's what it was doing before Heartbeat API, but people with member plugins were saying it was jacking them up because of their custom URLs for membership stuff. I may just count them in the vast minority and send them on their way to another plugin.

    Gotta keep things simple to be effective.

  5. izzaboo
    Member
    Posted 7 months ago #

    I see what you mean, I think. Two (or more) plugins competing for the login.php URL query space. Am I getting that right?

    If that's the problem, whew. Tricky. Unless somehow you could make SLP load last and append Q&A at the end. Well that then coul easily still have conflicts, I guess.

    Or what if the secret Answer *is* what's passed as the action variable to wp-login.php. Are other plugins trying to use the action variable name? Sorry if it's a dumb redundant question. I don't know wp-login.php well at all.

    For my purpose, I'm wondering if I might look to see if I could check for ?action=lostpassword before checking against the Q&A stored in options table.

    anyway, I really appreciate the efforts to hide the login page altogether. But for those who do get an account, password reset is pretty important. The few account holders log in so infrequently they usually forget their password.

    Keep on truckin'!

    all best,
    G

    edited to fix worst smartphone typos.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.