WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
Forbidden when resetting password (1 post)

  1. flynsarmy
    Member
    Posted 1 year ago #

    When accessing the url:
    http://domain.com/wp-login.php?action=resetpass&key=slltzV3zGV7SZNuMSWbV&login=myuser

    I get an access forbidden. Appears to be caused by this line in htaccess:
    RewriteCond %{QUERY_STRING} ^.*(bash|git|hg|log|svn|swp|cvs) [NC,OR]

    I noticed further down there's an exception:
    RewriteCond %{QUERY_STRING} !^action=rp
    I fixed the issue by changing it to:
    RewriteCond %{QUERY_STRING} !^action=(rp|resetpass)

    http://wordpress.org/extend/plugins/better-wp-security/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.