plugin is exposing secret admin login url | ww.wp.xz.cn

Resolved igllive
(@igllive)

6 years, 10 months ago

Plugin is automatically exposing the secret login url for wp-admin. this happens when a users ip is blocked due to failed login attempts and user is shown following message:

“ERROR::Access from your IP address has been blocked for security reasons. Please contact the administrator.”

in the address bar the address is the secret hidden url name that was supossed to the fail safe for brute attck.

Viewing 1 replies (of 1 total)

Plugin Contributor wpsolutions
(@wpsolutions)

6 years, 10 months ago

Hi
The fact that the user has already tried to log in via the secret login page means that they already know the hidden page URL, and hence it is not actually being exposed to someone who shouldn’t know it.
Or am I misunderstanding your question/point?

Viewing 1 replies (of 1 total)

The topic ‘plugin is exposing secret admin login url’ is closed to new replies.

1 reply
2 participants
Last reply from: wpsolutions
Last activity: 6 years, 10 months ago
Status: resolved