Protection no work

Several years I use the Plugin and I think there is a problem.

I have only one IP address in a whitelist.
 
I did the test with another IP address and the problem is still there !!!!.

It logs a connection attempt with a block, but the blocking on the wp-login page does not work and if we just type an identifier ex: ‘toto’ and input, it redirects to “wp-login” with l Hidden address.

thank you

Non Vincent, plusieurs installations sur un serveur, j’ai essayé et problèmes divers.
Donc !

Sorry, for my bad english,

This is an automatic translation !!!

Since the update, the plugin no longer plays its protection role on the WP-LOGIN page.

It was by chance that I discovered the problem by trying to connect outside my home.

The IP address of this PC is not in a whitelist.

I have only one address in a whitelist.

I did the test by deleting the history and all the parameters of the browser, it is the same!

The protection of wp-login: custom login URL no longer does its job.

If I log on to wp-login the login form appears while I checked the box: Disable wp-login.php.

If I put an incorrect ID and validate it, it returns me to the page with the custom connection.

However, in the dashboard, it saves and blocks the IP.

I hope i was clear.

I can give you my web address by private message

Thanks again and sorry for my bad English

Bernard

I did as you said in incognito mode with ip adress no in white list, it’s the same.

The wp-login page is not redirecting to 404, the login form is there.

If I make a false connection attempt, it redirects me to the custom login address .

But he registers the fraudulent connection attempt by marking 2 lines on the dashboard:
Blocked network
Attempt to connect with a non-existent identifier.

But it does not mark the attempt to access a forbidden url, whereas this IP address had access to this url.

Merci Vincent, j’avais compris!

Excuse me

This means that if someone sets their login page to a pattern that matches a REST endpoint then it breaks the REST request as instead of the call to example.com/wp-json/login doing/returning what it should, the plugin will intercept the request and send back the login page.