Hi, if you are enabling the Brute Force -> Rename Login Page feature then you cannot log in using the default wp-admin or wp-login pages any more.
You have to login using the new secretword added. For example [www.yoursite.com/secretword]
I know that. I’ve been using this plugin for a while. The problem is that instead of getting a 404 page when browsing to wp-admin, you get a fatal error because it’s not bringing in the WordPress elements that other plugins need.
The fact that unusual behaviour is happening on the typical WordPress login pages is likely to indicate that it is in fact a WordPress site.
Personally I find that such unusual behaviour goes against the purpose of the plugin when surely part of the reason to change the login URL is to disguise that it’s a WordPress site to begin with.
If you are getting a fatal error then the issue is probably related with the integration with Magento. Does it give out more information other than Fatal error?
Can you check the log file in WP Security -> Filesystem Security -> Host System Logs.
The problem, as I have stated, is that MWI can’t access the Magento files it needs to load the layout correctly. I suspect this actually happens with any plugin that hooks into the layout this way but most don’t return fatal errors as a consequence.
To counteract the issue, I think AIOWPS needs to actually replicate a page load instead of just grabbing the 404 template and calling it a day.
Thank you for reporting back. The plugin developers will investigate further your request.
Regards
I have a feeling that this might be theme related because I’ve seen it on certain themes and it probably has nothing to do with the fact that you are using Magento.
Which theme are you using?
Can you please try a test?
Revert the theme to twentysixteen and check if you still get the error.
I found a theme which throws a fatal error and tested a potential solution.
What I did was I added an action hook in the AIOWPS plugin inside the “aiowps_set_404” function.
I then hooked into the above from the theme’s functions.php file and I simply loaded the missing files using include_once (or require_once).
I then tried to visit mysite.com/wp-admin. The fatal error was gone and it worked like a charm.
Will adding a hook just before the 404 is being set by the AIOWPS plugin be an acceptable solution for your situation?
That would probably work, and I can confirm that there wasn’t an issue with 2016, but given that there was an issue with 2013 which is the theme our child theme is based on, I’d prefer a solution that doesn’t require the user to known how to edit their functions.php file – security shouldn’t just be something available to the technically literate.
Since this issue happens rarely, I think that for now this is the best solution I can think of so I will add that hook in the next release.
If you come up with something better send us through your code and we will give it serious consideration.
Please see the following thread which shows you the code to add to your functions.php to solve your issue:
https://wordpress.org/support/topic/fatal-error-call-to-undefined-function-is_bbpress-1?replies=7
