Support » Plugin: All In One WP Security & Firewall » Changing login url breaks lost password url

Viewing 15 replies - 1 through 15 (of 17 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, I did a test and in my site the reset password link displays the correct path. I am not running nginx on my development platform. Do you have any other security plugin installed?

    For example in my testing site I have the following set up for Brute Force -> Rename Login Page.

    123456 is my secret word.

    [http://localhost/wordpress/123456]

    When I view my Lost your password reset URL on the login page I see the following.

    [http://localhost/wordpress/123456/?action=lostpassword]

    Yes url changes no problem. But the page itself doesn’t change. I still see login form in the page and Log-in title in browser title. So php sohlud read the action=lostpassword and serve the lost password form but it doesn’t

    I don’t have any other security plugin.

    How can we debug this?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, can you check the plugin log files? Report back with any findings.

    Thank you

    Unfortunately, wp-security-log file is empty.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Okay, try the following. Disable all your other plugins except this one and carry out a test. If that does not work test one of WordPress default themes like Twenty Fifteen or Sixteen.

    Regards

    Yes it could be the Theme i guess. I am using the Gameleon theme. I will post when i disabling them.

    But even if it was theme. There is still problem for me. Because i have to run url change in that theme.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, the best option for you now is to carry out a theme test. If it is the theme then my suggestion is to contact the theme developers and explain to them what your issue is.

    Regards

    • This reply was modified 1 year, 2 months ago by  mbrsolution.

    Hi,

    I deactivated all plugins and changed the theme to the default one. But the issue continues. If i disable the plugin it justs works fine. But with the plugin activated “Forgot Password” page gets broken.

    So, it is not about theme or other plugins. I am using Ngnix and PHP-FPM. It seems it is having somekind of problem with that. Or maybe some server or php configuration i don’t know.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, unfortunately I don’t have a testing platform running in an Nginx server. So I can’t test this on my end. The plugin developers will investigate further your issue.

    Kind regards

    Meanwhile i will try to install Firebug and look to the issue.

    Thank you for your help.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    That is a great idea. The more information you provide the better it is for the developers to troubleshoot your issue.

    Regards

    Plugin Author wpsolutions

    (@wpsolutions)

    Are you by any chance using the Woocommerce plugin?
    I noticed on one of my test sites that the “Lost your password?” link gets broken when Woocommerce is active (even when AIOWPS is deactivated).

    • This reply was modified 1 year, 2 months ago by  wpsolutions.

    No i don’t use Woocommerce. Like i said in previous post even when there are no plugins and with default theme “Lost password” gets broken. Which file AIOWPS use the url change? I should just debug that file and output to the console.

    Another stranger thing, when i try to login with the custom url, wordpress says the “cookies should be enabled”(though they are enabled) but when i click the second time it just logins.

    I noticed the $_REQUEST array is empty. I was getting surprised how could it be then i thought about the server and nginx. Yes the problem was a simple nginx misconfiguration:

    Change try_files $uri $uri/ /index.php; to try_files $uri $uri/ /index.php?$args; to fix the issue. That’s it. And it solved my problem with another plugin too.

Viewing 15 replies - 1 through 15 (of 17 total)
  • The topic ‘Changing login url breaks lost password url’ is closed to new replies.