Support » Plugin: WPS Hide Login » Plugin Does Not Stop Anyone from Loggin in.

  • Sorry to say that I have tried this plugin on two sites and it seems that this plugin is almost a lightning rod for hacked to try to brute force their way in. This doesn’t do a thing to keep others from trying to log in.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Dear my friend, how can I know if my site is under attack (how to detect it happen) ?

    It wasn’t meant to keep people from logging in. It was meant for you to “hide” the regular log in screen. For example, normally you would log in at https://yoursite.com/wp-admin (right?? with me so far?)

    But this CHANGES the name of the wp-admin login page, which hackers will NOT have. They only know wp-admin. So, if they try that, it’s going to tell them it doesn’t exist. No hackers! Voila!

    To do this, you have to install the plugin and activate it, then go to the settings page and make up a new name for your login page. Let’s say you have an ecomm site and you want the login to be “ecommlogin1″… On the settings page you rename it and from the point where you save it, you now have to go to that page. Who is going to have that login but you? No one will. And hackers can guess away. The likelihood they will guess your login page URL is minimal.

    But say you want to add a new person to your site as an author for your blog. You create a new username and sent them the password through your dashboard, like always… but they have to know the new login screen word because it isn’t wp-admin any longer. You will have to make sure they know they have to go to https://yoursite.com/ecommlogin1 now and forever to login in and write those all important product articles you want done.

    And Iamwebmienphi, You won’t know your site is under attack unless you have protection. There are several great plugins for you to use on your sites. I like the simplicity of Wordfence, personally, and highly recommend using them. You will receive email notifications if your site is hacked (I have never gotten one of those!), or when your site is under brute force attacks you’ll get notifications of failed attempts – but this does not happen if you change the login admin URL as described above. Hackers really don’t have the time to mess with it so they move on to one that DOES have the wp-admin login… you see?

    BTW, I also use All-in-One for security on a couple of sites as well. It’s more indepth, but once you have the settings completed, it is almost impossible to broach.

    I have never been hacked on any of my sites, and the credit goes to my site security…

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Plugin Does Not Stop Anyone from Loggin in.’ is closed to new replies.