When I tried setting up the ‘cookie based brute force’ feature, here’s what happened:
I did the cookie test, and passed. Then, I set up a ‘secret word’ and checked the box to enable it and saved.
Now, when I go to the url (http://www.yoursite.com/?yoursecretword=1), it brings up my home page, not a login page. So, I clicked the login link on my page, but that goes to the http://127.0.0.1 page.
Trying the secret word on the wp-login.php page doesn’t work either.
So, how do I get to the login?
Also, I would need this to work for other contributors to my site. So, if I give them the secret word and tell them to append it to the site url, will it work for them?
Did you copy and paste the exact special URL which was given to you by this plugin when you enabled that feature?
Yes, definitely. Made sure of it, tried a couple times, on different computers, flushing the cache, etc.
I did have Ajax login, but disabled that plugin, and it made no difference.
Also, when I hit the ‘Account Activity Logs’ tab in the User Login section, I get a “Forbidden – You don’t have permission to access /wp-login.php on this server.” The url at that point is http://www.humortimes.com/wp-login.php?redirect_to=http://www.humortimes.com/wp-admin/admin.php?page=aiowpsec_userlogin&aiowps_login_msg_id=session_expired
I think that last thing has to do with the cache, when I came back later it was ok. I had that happen again somewhere else in the admin for the plugin. I had just logged back in, after being forced to, because I had it set to allow only an hour logged in at a time.
I would still like help with the original problem, the ‘cookie based brute force’ feature, however…
Hi @jamminjames in some cases the Cookie Based Brute force might not work well with current server settings. Please try and enable the “rename login page” feature.
- The topic ‘Can't get 'cookie based brute force' feature to work’ is closed to new replies.