It looks like this error comes directly from All-in-One’s plugin file:
./classes/wp-security-process-renamed-login-page.php
lines 129-134
//case where someone attempting to reach wp-admin
if (is_admin() && !is_user_logged_in() && !defined('DOING_AJAX') && basename( $_SERVER["SCRIPT_FILENAME"] ) !== 'admin-post.php'){
//Fix to prevent fatal error caused by some themes and Yoast SEO
do_action('aiowps_before_wp_die_renamed_login');
wp_die( __( 'Not available.', 'all-in-one-wp-security-and-firewall' ), 403 );
}
Have you double-checked with them to ensure they are going to the correct URL and not trying to use wp-admin? I get the “Not available.” page when trying to access wp-admin on your website and a 404 page when trying to access wp-login.php – which looks like the norm when you are using the rename login page feature in All-in-One
Trying to understand the code snipit you found (thank you by the way). Is that saying if she is already logged in and tries to access the renamed login page, it gives her “not available”?
Yes she is accessing the renamed wp-admin page. So am I. When she or I access the renamed wp-admin page, it redirects to /wp-admin. Wait, no it does not (for me). When she access the secret page, it redirects to wp-admin.
@sberman The code snippet means if wp-admin page being requested(regardless if they are a logged in admin user), and user is not logged in and not a running AJAX script and file name in request is not admin-post.php, then return this plugin’s 403 error page (which is the “Not available” page).
I’d recommend having your client try the process in a Private/Incognito session to avoid any browser level issues (cookie sessions, cache). It would also be a good idea to use a separate user for testing as well.
