Hidden Backend Login Slug Revealed! | WordPress.org

Resolved jlstysis
(@jlstysis)

3 years, 10 months ago
Astra Theme has a login popup. When used with the wrong username/password, that popup redirects to wp-login.php. Yes, that’s a bug, and yes it’s been reported to Astra.
HOWEVER, when the backed is hidden using iThemes, Astra redirects to wp-login.php AND reveals the secret login slug in the URL! I reported this to Astra but posting here as well as it seems that this should NOT be allowed by the iThemes plugin.
- This topic was modified 3 years, 10 months ago by jlstysis.

Viewing 2 replies - 1 through 2 (of 2 total)

nlpro
(@nlpro)

3 years, 10 months ago
Hi jlstysis,

You may be interested in reading (if not already) the iThemes Security Hide Backend article in the iThemes Help Center.

+++++ To prevent any confusion, I’m not iThemes +++++
- This reply was modified 3 years, 10 months ago by nlpro.
Plugin Support chandelierrr
(@shanedelierrr)

3 years, 9 months ago

Hi @jlstysis, I hope the information nlpro provided helped resolve the issue. Since we haven’t received a response, I’ll mark this post resolved. If you still need some assistance, feel free to open a new support topic, and we’d be happy to assist. Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Hidden Backend Login Slug Revealed!’ is closed to new replies.

2 replies
3 participants
Last reply from: chandelierrr
Last activity: 3 years, 9 months ago
Status: resolved