Under normal circumstances, the hidden URL prevents people from finding the login page, as it supposed to be, but there’s a very simple way to bypass this security in Mozilla Firefox. Instead of typing this:
http://www.mysite.com/wps-login.php (which is futile),
you can use a coded version of this URL:
…and your browser will display the hidden URL login page. It looks like a security glitch. Firefox resolves the encoded URL in such a way that your WPS Hide Login lets the resolved URL go through like a correct hidden URL.
This is confirmed on Mozilla Firefox. Other browsers (like MSIE) can’t use this method for revealing the correct hidden login page. I would like to see if other people can confirm this behavior as well.
- The topic ‘The hidden URL can be bypassed in Firefox’ is closed to new replies.