Support » Plugin: Rename wp-login.php » Recommended

  • I tested this plugin on both WordPress 3.4.2 and 3.6 it worked correctly on both WP versions. I had one small issue or interaction with another plugin which the author fixed amazingly in just minutes.

    This plugin is really useful because it blocks access to wp-login.php which many Bots look for. You can pick a unique name for the new login path. This is not security by obscurity because no bot will not find the wp-login.php program. This is a simple solution to a nagging WP problem.

    Since April 2013, a large botnet of 10’s of thousands of compromised servers has been attempting to break into WordPress websites by continually trying to guess the username and password using the standard wp-login.php program.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Ella

    (@ellatrix)

    I don’t really recommend using it for versions older than 3.6 because there are some filters I’m using that where only introduced in 3.6. I’ll consider making it compatible, though I don’t really see why people are using old versions of WordPress anyway.

    And it is a bit “security by obscurity”, but so is a password. It actually works a bit like a second password, or key, given that there is no link to the login page on the website.

    Thanks for the review!

    Thread Starter gizmomol

    (@gizmomol)

    Some of the web sites I have done are for people that manage the content of their sites themselves as “editors”. Two editors do not want anything changed especially the way of handling media. The WP 3.6 way of handling media is different enough that they would be concerned that I am changing their sites for no purpose. I have advised them that we should update to the 3.6 series but so far they do not want it.

    Plugin Author Ella

    (@ellatrix)

    I guess some people don’t like change… But that’s not a good enough reason 🙂

    Thread Starter gizmomol

    (@gizmomol)

    I noticed that this plugin displays a message similar to this example “Your login page is now http://sample.com/login/ Bookmark this page!” whenever I update anything under the dashboard, “Settings” and sometimes other plugins too.

    I tried this plugin on two sites with two themes and saw same results. Then I disabled all plugins on one site and still see the message if I save and standard wp settings.

    When I see a plugin’s messages while I am doing settings somewhere else, it causes me to concerned that there is a bug or side effect somewhere.

    Personally I would want to see that only after I did a setting change for this plugin.

    Thanks again!

    Plugin Author Ella

    (@ellatrix)

    Thanks for the feedback, I fixed this in 1.7.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Recommended’ is closed to new replies.