Password Protected Page = Backend?

  • B Gerling

    (@gerlprint)


    3 years, 4 months ago

    Is a password protected page considered a part of the backend?

    On a customer site, I am blocking the backend except for 3 countries. The frontend is supposed to be visible for everyone worldwide.

    Now the complaint arose that a visitor got blocked trying to access a password protected page (and made sure the PW he used was correct), and ended up seeing the usual „Forbidden – Visitors from your country are not permitted …“

    Looking at the logs, it seems that his attempts to see the page created entries containing the URL „/-/-/-/-/-/-/-/-/-/-/“

    Is there a way to unlock that specific „URL“? Or the PW checking process?

    Thank you for any ideas!

    (I cannot post the password here, of course, but if you order the free newsletter at the bottom of the page, the site owner will announce it to you.)

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator tobifjellner (Tor-Bjorn Fjellner)

    (@tobifjellner)

    3 years, 3 months ago

    You asked a specific question about a plugin that not so many people are using. And nobody is obliged to answer in the forum, not even plugin and theme developers are forced to respond.
    In general, I’d say that a password protected page is part of the front-end. But the URL you see in the logs looks like you may have some kind of strange/incorrect forwarding happening.
    I’d suggest that you try and investigate in deeper detail what’s happening. Ask the visitor to check their web console while attempting to visit the page.

    Plugin Author Pascal

    (@iqpascal)

    3 years, 3 months ago

    I can normally enter the password on that page. In fact I can see the page with entering any password.

    So I am not sure why he would see that block message.

    /-/-/-/-/-/-/- are usually used by people who are looking for vulnerabilities on sites I believe.

    Thread Starter B Gerling

    (@gerlprint)

    3 years, 3 months ago

    Thank you for your reply! The person who complained was a valid visitor, I will ask them.

    zitik81

    (@zitik81)

    3 years, 1 month ago

    Dear @gerlprint

    I experience the same problem at my side http://www.kino-doma.sk, did you find solution?
    Thank you very much in advance for any help

    Thread Starter B Gerling

    (@gerlprint)

    3 years, 1 month ago

    Hello @zitik81, after the above answers, the site owner did not want to continue investigation of this matter. The only idea I have is that the problem may disappear with an update of the MaxMind GeoIP data file. In case you find this confirmed or if you come up with a solution, please let me know.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Password Protected Page = Backend?’ is closed to new replies.