WordPress.org

Support

Support » Plugins and Hacks » [Resolved] Now protects "wp-login.php" as well?

[Resolved] Now protects "wp-login.php" as well?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Sean Fisher

    @sean212

    The only way would be via a URL path that they could specify for the login URL. Would love to know how else they could get around it to fix it 🙂

    Plugin Author Sean Fisher

    @sean212

    I may also add a way to ensure other files can be added to be protected, i.e. wp-includes/

    Thanks sean,

    This should definitely be a required necessary security plugin.

    Reason I asked because my host now requires me to have a cache, and I’m using Hyper-Cache…

    here was the problem, I’m also using another security-plugin called “limited login attempt,” but due to having Hyper-Cache, it caches the redirects from Lockdown WP Admin

    http://www.domain.com/customloginredirect

    Hence, I’m no longer protected using “limited login attempt” because the 5 tries attempt won’t go down to 0, but stay at the last cached attempt.

    However, Hyper-Cache doesn’t cache the “wp-admin” so when I disable “Lockdown WP Admin” and go back to accessing the wp-login screen page through wp-admin as the only way of getting there, the “limited login attempts” work again.

    So as much as I like to use in conjunction both “Lockdown WP Admin” and “Limited Login Attempts”, I can only have 1.

    Bitter dilemma, but I find “Lockdown WP admin” will offer better secruity than “limited login attempts” if there were no other ways to access the wp-login screen page when “wp-admin” and “wp-login.php” is disabled and there any other similar “universal known-way”…

    than just us knowing the acutal redirect we put in Lockdown WP Admin.

    When I go to /wp-admin/ I get this error message at the bottom of the 404:

    Fatal error: Call to undefined function get_current_screen() in /home/user/public_html/wp-includes/admin-bar.php on line 426

    What is causing that error?

    When I go to /wp-admin/ I get this error message at the bottom of the 404:

    Fatal error: Call to undefined function get_current_screen() in /home/user/public_html/wp-includes/admin-bar.php on line 426

    What is causing that error?

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Resolved] Now protects "wp-login.php" as well?’ is closed to new replies.