Site lock password error message (3 posts)

  1. azile
    Posted 3 years ago #

    My Hosting Company suggested I check with you regarding this message I received below from Site Lock as a low security issue. What does "pwd" refer to?

    Category: Data security

    Page UrL: http://www.reazile.com/wp-login.php

    Note Info:Insecure form action "http://www.reazile.com/wp-login.php" found fields ( "pwd" ) on sample pages "( http://www.reazile.com/wp-login.php )"
Description:We have detected form fields on your page that may contain sensitive information. If this information is confidential, it should not be sent via a normal http (non-secure) page, but encrypted using the https (secure) protocol. 
Action:Consider using an SSL Certificate to protect the security of this information.



  2. This warning is only a suggestion for you to use ssl for your WordPress login page.

    You can force ssl login by setting define(‘FORCE_SSL_LOGIN’, true); in wp-config.php.

    If you want to force all admin sessions over ssl define(‘FORCE_SSL_ADMIN’, true); can be used.

    Please not your server must be configured for ssl support and the proper certificates need to be installed before this will work.

    See: http://ryan.boren.me/2008/07/14/ssl-and-cookies-in-wordpress-26/ for more info.

  3. azile
    Posted 3 years ago #

    Thank you!


Topic Closed

This topic has been closed to new replies.

About this Topic