congma's Replies | WordPress.org

Forum Replies Created

Viewing 4 replies - 1 through 4 (of 4 total)

Forum: Plugins
In reply to: [Creative Commons Configurator] Ungrammatical use of the article "The" in license text

Thread Starter congma
(@congma)

12 years, 5 months ago

Thank you for the fix!

-Cong.

Forum: Plugins
In reply to: [Stealth Login Page] Leaked stealth parameters

Thread Starter congma
(@congma)

12 years, 10 months ago

Temporarily using the “Lockdown WP Admin” plugin to block unauthenticated access to the admin page altogether.

Forum: Plugins
In reply to: [Stealth Login Page] Leaked stealth parameters

Thread Starter congma
(@congma)

12 years, 10 months ago

Hi Jesse,

A new leak found. When an unauthenticated user (presumably malicious attacker) tries to access /wp-admin, he will be redirected to the authentication page /wp-login.php?stealth_q=stealth_a&redirect_to=[wp-admin]&reauth=1 (here stealth_q and stealth_a are again the stealth question and answer, and the bracketed part is actually the percent-encoded full url of the admin page).

Any suggestions about preventing this kind of leak?

Thanks,

Cong.

Forum: Plugins
In reply to: [Stealth Login Page] Leaked stealth parameters

Thread Starter congma
(@congma)

12 years, 11 months ago

Thanks for your info Jesse. Now I temporarly worked around this with mod_rewrite kludging. Still hope for a clean solution though.

Viewing 4 replies - 1 through 4 (of 4 total)