I’ve found that wp-login.php off the root isn’t really protected with this plugin. When you access it, it will ask for a password, but if you hit cancel you are shown the login page anyway. To fix this the “Satisfy Any” needs to be set to “Satisfy All”. Can you fix this for future installations?
- The topic ‘wp-login.php not really protected – bug’ is closed to new replies.