Title: Login error messages: reenable
Last modified: September 22, 2018

---

# Login error messages: reenable

 *  [samwebdev](https://wordpress.org/support/users/samwebdev/)
 * (@samwebdev)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/)
 * Hello,
    Via setting, login error messages were disabled. This stops any error
   messages to be displayed to user; in order to reenable them, we did disable the
   setting again:
 * Login Error Messages Disable login error messages
    Prevents error messages from
   being displayed to a user upon a failed login attempt.
 * However, the error messages do not show up. Guess something wrong with the setting
   saved in the database. Which table/setting should be checked and deleted manually
   to reenable them?
 * And/or any filter to check if its enabled, and/or force to enable?
 * Thanks

Viewing 7 replies - 1 through 7 (of 7 total)

 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10713489)
 * Add the line below to the wp-config.php file:
 * `define('ITSEC_DEBUG', true);`
 * This will add an extra menu option to the Security menu named **Debug**.
    Navigate
   to the Security->Debug menu option.
 * In the **Settings** section select ‘wordpress-tweaks’ and then click on the **
   Load** button.
 * If you have properly disabled the “Login Error Messages” setting you should see
   the following entry in the array:
 * `"login_errors": false,`
 *  Thread Starter [samwebdev](https://wordpress.org/support/users/samwebdev/)
 * (@samwebdev)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10713821)
 * Hello,
 * It says false, but somehow login notices are disabled. All others are working
   fine.
 * Is there a general database value and/or possible snippet to check and/or enable
   login notices?
 * Thanks
 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10713894)
 * We just checked it.
    It could be another (security) plugin. Or a piece of code
   added to the active theme functions.php file. Or it may be the effect of a caching
   plugin.
 * Is it showing an empty (red color) notice or no notice at all when forcing an
   invalid login attempt ?
 * Any chance I can give it a try ?
 *  Thread Starter [samwebdev](https://wordpress.org/support/users/samwebdev/)
 * (@samwebdev)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10713948)
 * It is not showing any notice at all;
 * sure please try [https://3o2.co/bV5](https://3o2.co/bV5)
 * thanks
 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10713997)
 * Ok, I see.
 * I don’t think this is an iTSec plugin issue. When enabling the plugin setting
   normally an empty notice will be displayed above the login form upon a failed
   login attempt. Since there is no notice displayed at all the setting is probably
   correctly disabled. Doublecheck: Enable the setting again and confirm an empty(
   red) notice is displayed.
 * Post edit:
    If the empty (red) notice is not displayed this may be a custom login
   form issue. So the iTSec plugin setting may not work at all with your custom 
   login form …
    -  This reply was modified 7 years, 8 months ago by [nlpro](https://wordpress.org/support/users/nlpro/).
 *  Thread Starter [samwebdev](https://wordpress.org/support/users/samwebdev/)
 * (@samwebdev)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10714177)
 * Thanks,
    Custom login is most likely the issue. Will try to double check.
 * Any snippets (plugin/woocommerce) to put on the login form/page for testing?
 * Thanks
 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10715022)
 * I’ve been digging a little deeper (I’m curious) and learned that WooCommerce 
   wc_add_notice() function actually applies the WordPress ‘login_errors’ filter
   that the iTSec plugin “Login Error Messages” setting hooks into ! So in theory
   it should work.
 * Only 1 extra line of code is executed when enabling the “Login Error Messages”
   setting:
 *     ```
       if ( $this->settings['login_errors'] ) { //If "Login Error Messages" is enabled
       	add_filter( 'login_errors', '__return_null' ); //Replace error msg with null
       }
       ```
   
 * So in a vanilla WordPress login form an empty (red) notice will be displayed 
   upon a failed login attempt. (Which I think is not very usefull because users
   can see something is wrong but get absolutely NO clue what is wrong). It would
   be better to display a **generic** error msg like:
 * > **ERROR**: Invalid username, email address or incorrect password.
 * Anyway the WordPress login form seems to be able to deal with the filtered **
   null** value.
 * However I have my doubts whether the WooCommerce login form is able to deal with
   a **null** value for the error notice …
 * So as a simple test try this (The procedure below is UNTESTED so make sure you
   have a valid backup of the env before proceeding!):
 * 1. Make a copy of the better-wp-security/core/modules/wordpress-tweaks/class-
   itsec-wordpress-tweaks.php file. At the end of the procedure this copy will be
   used to restore the original plugin file.
    2. Edit the better-wp-security/core/
   modules/wordpress-tweaks/class-itsec-wordpress-tweaks.php file. 3. Search for
   the 3 lines of code pasted into this post at the beginning. 4. Replace the following
   line:
 * `add_filter( 'login_errors', '__return_null' );`
 * with:
 * `add_filter( 'login_errors', array( $this, 'filter_login_error_cb' ) );`
 * 5. Add the function below as a new class function like this:
 *     ```
       public function filter_login_error_cb() {
       	return __( '<strong>ERROR</strong>: Invalid username, email address or incorrect password.' );
       }
       ```
   
 * 6. Save changes.
    7. Log into the WordPress Dashboard and enable the “Login Error
   Messages” setting in the iTSec plugin WordPress Tweaks module. Save changes. 
   Logout. 8. Clear the browser cache and retest the issue.
 * **9. When testing is done delete the better-wp-security/core/modules/wordpress-
   tweaks/class-itsec-wordpress-tweaks.php file and restore it using the copy created
   in step 1.**
    -  This reply was modified 7 years, 8 months ago by [nlpro](https://wordpress.org/support/users/nlpro/).
    -  This reply was modified 7 years, 8 months ago by [nlpro](https://wordpress.org/support/users/nlpro/).

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Login error messages: reenable’ is closed to new replies.

 * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351)
 * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/)
 * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/)

 * 7 replies
 * 2 participants
 * Last reply from: [nlpro](https://wordpress.org/support/users/nlpro/)
 * Last activity: [7 years, 8 months ago](https://wordpress.org/support/topic/login-error-messages-reenable/#post-10715022)
 * Status: not resolved