Title: ‘wp-admin/admin-post.php’ not accessible when using Masking URL Last modified: October 19, 2020 --- # ‘wp-admin/admin-post.php’ not accessible when using Masking URL * Resolved [joelod](https://wordpress.org/support/users/joelod/) * (@joelod) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/) * Hi, * First of all, thanks for the excelent job on this plugin. Even the free version offers so much, it is a really greate tool to have. * But I do have a question regarding it. I’m using a custom admin url, with the Defender Masking URL setting. When I have the Masking url, I can’t submit post forms with “wp-admin/admin-post.php”, but the “[mask]/admin-post.php” also doesn’t work. * Is there anything I can do to make the form work, without having to let go the Defender masking url setting? * Note: This form submission is supposed to work with unlogged users, since it’s a custom age verification form (no additional plugins used for this). * Best regards. Viewing 5 replies - 1 through 5 (of 5 total) * [Kris – WPMU DEV Support](https://wordpress.org/support/users/wpmudevsupport13/) * (@wpmudevsupport13) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13558462) * Hi [@joelod](https://wordpress.org/support/users/joelod/) * I hope you are doing good today. * > Note: This form submission is supposed to work with unlogged users, since it’s > a custom age verification form (no additional plugins used for this). * This sounds like a conflict here and possibly this was a custom form made by you or your developers. * To review this case more could you follow the below guide: 1. share this form core file(s) in a gist or ZIP it and share on some google drive/dropbox 2. share information on how this form is implemented on the site and (mu-plugin / path/ shortcode) * If you’re not able to share the above information due to policy or not willing to share this core files in public could you email us through our secure contact form here [https://premium.wpmudev.org/contact/#i-have-a-different-question](https://premium.wpmudev.org/contact/#i-have-a-different-question) and make sure that subject is “I have a different question” and: – ATTN: Kris– Link back to this thread * Kind Regards, Kris * Thread Starter [joelod](https://wordpress.org/support/users/joelod/) * (@joelod) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13562007) * Hi Kris, * I’m doing good thanks, hope you’re too! Thanks for the reply. * Here’s what the function for the post submission looks like: [https://gist.github.com/joelod/c061fc41f66ff3d8a162b1cb020dcc05](https://gist.github.com/joelod/c061fc41f66ff3d8a162b1cb020dcc05) * And here’s what the HTML look like: [https://gist.github.com/joelod/8fe0fe2429fd2ab84600c986c9f2ccd0](https://gist.github.com/joelod/8fe0fe2429fd2ab84600c986c9f2ccd0) * This is what I get when I have the Masking URL option for the /wp-admin: * > [View post on imgur.com](https://imgur.com/eQ5oLbT) * No plugins used for the form submission (I develop everything I can, so I’m barely using plugins, just WooCommerce, WPML and ACF, Defender). * Best regards, Joel * Plugin Support [Saurabh – WPMU DEV Support](https://wordpress.org/support/users/wpmudev-support7/) * (@wpmudev-support7) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13568707) * Hello [@joelod](https://wordpress.org/support/users/joelod/), * As you are submitting to admin, that is expected behaviour. Also if you are using** esc_attr**, you should use it for the entire attribute. * You can submit the form using Ajax as the sole purpose of the feature of masking the URL is to block access to wp-admin. If you would not like to do that, you can use the following to deactivate the masking when the age-verified is posted: * ``` add_filter( 'wpd_masklogin_disabled', function( $disabled ){ if ( isset($_POST['age-verified'] ) ) { return true; } return $disabled; } ); ``` * Kindly note that when I checked with the SLS team, they said this is not safe to be used. They suggested adding some nonce. Do let me know if that helps. * Thank you, Prathamesh Palve * Plugin Support [Patrick – WPMU DEV Support](https://wordpress.org/support/users/wpmudevsupport12/) * (@wpmudevsupport12) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13605997) * Hi [@joelod](https://wordpress.org/support/users/joelod/) * I hope you are doing well. * We haven’t heard from you in a while, I’ll go and mark this thread as resolved. * However, feel free to let us know if you have any additional question or problem. * Best Regards Patrick Freitas * Thread Starter [joelod](https://wordpress.org/support/users/joelod/) * (@joelod) * [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13606008) * Hi Patrick, * I’m really sorry I had a few days off and forgot to say that your solution helped me, it’s working fine now! Also, thank you for the nonce tip! * Best regards, Joel Domingues Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘‘wp-admin/admin-post.php’ not accessible when using Masking URL’ is closed to new replies. * ![](https://ps.w.org/defender-security/assets/icon-256x256.gif?rev=3435930) * [Defender Security - Malware Scanner, Login Security & Firewall](https://wordpress.org/plugins/defender-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/defender-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/defender-security/) * [Active Topics](https://wordpress.org/support/plugin/defender-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/defender-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/defender-security/reviews/) * 5 replies * 4 participants * Last reply from: [joelod](https://wordpress.org/support/users/joelod/) * Last activity: [5 years, 7 months ago](https://wordpress.org/support/topic/wp-admin-admin-post-php-not-accessible-when-using-masking-url/#post-13606008) * Status: resolved