Support » Plugin: Cerber Security, Antispam & Malware Scan » People can still find my custom login page…

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Gioni



    What are your settings? Did you check:

    1. Disable wp-login.php on the Main Settings tab
    2. Disable XML-RPC on the Hardening tab?

    I have disabled but not XML-RPC. I wasn’t sure if the second option was related to the wp-admin login access. I have now enabled it. I’ll keep and eye and let you know.


    Plugin Author Gioni


    Hackers just use XML-RPC interface as a way to obtain admin password via a brute-force attack. It’s enabled by default and usually unprotected.



    Hi Gioni, I did actually disable both XML-RPC and wp-login.php, but I’m still getting bombarded with “failed” attempts to login from soviet countries with user names like admin, administrator, http://www.mydomain.

    Any idea what I could be doing instead? I wish I could just blacklist a whole country.

    Plugin Author Gioni


    Hi valkala!

    1. Change your Custom login URL.
    2. Check Block direct access to wp-login.php and return HTTP 404 Not Found Error.
    3. Make sure that you theme (in a menu) or some widget don’t display the Custom login URL.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘People can still find my custom login page…’ is closed to new replies.