I was following your guide https://wpcerber.com/how-to-rename-wp-login-php/ and the thing is that this guide is no longer in sync with your plugin display. A few things I’ve noticed with trying to test the custom login url.
CUSTOM LOGIN URL
DISABLE WP-LOGIN.PHP (The setting is no longer immediately below custom login url)
We use a custom-login url and have this input field set.
I am trying to disable access to wp-login, but now that the main settings area looks different I am guessing on what to configure. There are 2 fields in other areas that appear related to blocking access WP-LOGIN.PHP
Processing wp-login.php authentication requests: is set to Block access to WP-LOGIN.PHP
Under PROACTIVE SECURTY RULES
Request wp-login.php is set to immediately block i/p after any request to wp-login.php
1) When I attempt to test these settings I’m able to access wp-login.php to sign in as normal. With these settings in place, I’m able to access wp-login.php Which is not what I was expecting. A 404 error is what I expected.
It appears other have commented on this too on this support site:
The topic shows as RESOLVED, but honestly was it?
2) The next issue also belongs to the PROACTIVE SECURITY RULES GROUP
Disable dashboard redirect: Disable automatic redirection to the login page when /wp-admin/ is requested by an unauthorized request
This feature is not doing it’s thing. In fact, our secret login page is redirected to when the user accesses wpadmin. (SECURITY ALERT.. THE HACKER NOW KNOWS OUR URL)
Please advise when you will have these issues fixed.
- The topic ‘[NSFW] Main Settings Security not working (several)’ is closed to new replies.