Users logging in NOT on login page and how to prevent this
-
So I keep getting emails from a security plugin I use informing me of user being locked out (which is correct per my settings, should a user attempt to log in with incorrect credentials). However I currently have several security measures in place, most notably an IP Whitelist with only my IP on it via htaccess.
Where I get stumped is that the standard login pages are correctly denying access when you attempt to reach the login via:
/login
/admin
/wp-admin
/wp-login.phpI have no other login pages, widgets for logging in or anything of that nature. And yet I’m still getting notifications about users being locked out. That means they’re even able to hit a login page in the first place, right? If so, how is this possible? Anyone have any insight?
- The topic ‘Users logging in NOT on login page and how to prevent this’ is closed to new replies.