Do not allow backend login for visitors

catmaniax
(@catmaniax)

9 years, 6 months ago

Hello.

I’ve been trying to implement Ultimate Member to my site but I’m experiencing some issues.

First of all, there is no nice login widget to put to a sidebar (I know about putting the shortcode, but that just looks ugly), so I installed another plugin (https://wordpress.org/plugins/login-widget-for-ultimate-member/) that does exactly that, a login widget.

Now, if someone enters wrong login credentials and presses login through that widget, he is taken to the backend to login again.

However, that’s what I’ve been trying to figure out since I do not want visitors to access the backend.

The best option would be to be redirected to the ultimate member login page and not the backend.
If I disable the backend login for the visitors through Ultimate Member’s option, it does that and that’s nice.
However, enabling this, leaves me (Admin) only the single option to login from the frontend as well, which is bad for a lot of reasons for my case (I’m using 2FA, Clef, etc…)

I’m hoping there is or will be a solution for this (maybe an option of UM to a specific custom link just for the admin)

Let me know if I’m doing something wrong.
Thank you.

Viewing 6 replies - 1 through 6 (of 6 total)

Thread Starter catmaniax
(@catmaniax)

9 years, 6 months ago

Neither can I add my IP to the “Always allow the specified IP addresses to access the backend login screen and WP-admin to avoid being locked from site backend” since my IP is dynamic and not static.

Sorry for the double post.

borisv
(@borisv)

9 years, 6 months ago

You need to wait for the answer from the plugin author where you posted this before (and which btw, is the correct support board).
https://wordpress.org/support/topic/register-9/#post-8388141

Thread Starter catmaniax
(@catmaniax)

9 years, 6 months ago

Thanks for the reply.

However, I think this has to do with Ultimate Member since the options of that plugin reflect UM’s.

I say that because I tested it and if I disable the backend login for the visitors through Ultimate Member’s options then they are redirected to the UM login and not the backend.

borisv
(@borisv)

9 years, 6 months ago

No, it doesn’t. This has nothing to do with UM. People need to stop thinking that Ultimate Member is some sort of a replacement for WordPress. Or, that every WordPress related problem is because of Ultimate Member. So in short, the fact that UM allows you to disable back-end login and consequently you get redirected to the login page doesn’t mean it’s a UM issue.

Thread Starter catmaniax
(@catmaniax)

9 years, 6 months ago

I don’t think I made it clear.

I just want a custom URL that I will be the only one who knows it (Admin) so I can login to the backend of my site.
As for visitors, I want them to only be able to login from the front end and have no access to the backend login screen.

Disabling “Allow backend login screen for guests” disables the whole backend login screen so I can’t access it either as Admin.

And I don’t want to login as Admin through the front-end for many reasons, mostly security (2FA).

borisv
(@borisv)

9 years, 6 months ago

Let’s make this clear. We can only offer any advice if you take the other plugin out of the equation. This isn’t a support board for every plugin made out there, even if it’s made for Ultimate Member. If you are the only one who wants to have access to /wp-admin/ there are several ways you can accomplish that.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Do not allow backend login for visitors’ is closed to new replies.

Tags