Support » Plugin: Change wp-admin login » They find me the new access

  • Resolved nanomania

    (@nanomania)


    Hello, I have a problem with this add-on, I’m having hacker attacks, what I don’t understand is how and why does that person know the new access, I even change it and guess it again, could you help me?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Nuno Sarmento

    (@nunosarmento)

    Hi @nanomania

    Thank you for your message.

    I’m sorry to hear that you are having problems with “hackers”. There are loads of hacking techniques that can expose your website vulnerabilities & login urls. If your site has been compromised you should contact an expert ASAP to fix it and ask them also to make a website security assessment to see what best security tools you will need to protect your website.

    My plugin is not a security tool it doesn’t act like a firewall only changes the login url which only gives us a limited protection when it comes to hacking attacks.

    Just out of curiosity, how do you know that the “hackers” know your login URL?

    Best,
    Nuno

    Plugin Author Nuno Sarmento

    (@nunosarmento)

    It seems you had also problems with a similar plugin “WPS Hide Login”, I think @nicolaskulka from WPS Hide Login explain to you some actions that you could take to protect your website.

    Plugin Author Nuno Sarmento

    (@nunosarmento)

    I am closing this topic for now but if you need any more help please let me know.

    nanomania

    (@nanomania)

    Hello, as you indicate with the other plugin, the same thing happens to me, I don’t know what the problem is and nobody helps me to know why, the steps they told me in another plugin were not any help since they did not bother to see If what they told me I had already done, I know they found the new url because the boy is dedicated to creating separate users and sending me messages in buddypress and he writes me the new access url, even if they change it 10 times, he finds it.

    Plugin Author Nuno Sarmento

    (@nunosarmento)

    Hi @nanomania

    They are getting the URL from your login form. The login form is public and the form action is showing the login URL. You should encode the public login form action URL.

    Best,
    Nuno

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.