Title: wp-admin/customize.php
Last modified: September 14, 2017

---

# wp-admin/customize.php

 *  Resolved [hafman](https://wordpress.org/support/users/hafman/)
 * (@hafman)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/)
 * I have renamed the wp-login and wp-admin pages with Shield and that works well
   but i’m still seeing login attempts albeit fewer than before. I learned that 
   login was possible with /wp-admin/customize.php so i tried it and it did try 
   to open the customiser panel with a login page! What’s more, my custom login 
   url was visible in the address bar.
 * Funny all other files in wp-admin are unreachable with the protection enabled.
   Is it possible to include wp-admin/customize.php?
    I don’t use the customiser
   so i’ve temporarily redirected it to 404.php in .htaccess, also to see if the
   login attempts stop

Viewing 8 replies - 1 through 8 (of 8 total)

 *  Plugin Author [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * (@paultgoodchild)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9497861)
 * I’ll dig into this and see what I can do about that. Thanks for reporting it!
 * Also, when you say you’re “still seeing login attempts”… how are you seeing them?
 *  Thread Starter [hafman](https://wordpress.org/support/users/hafman/)
 * (@hafman)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9497949)
 * I have Sucuri security installed as well and it sends me emails whenever logins
   or attempts happen. There were 50 a day at one point but it’s a trickle now since
   renaming.
 *  Thread Starter [hafman](https://wordpress.org/support/users/hafman/)
 * (@hafman)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9497953)
 * this is where i found out the customizer.php
    [https://wordpress.org/support/topic/wps-hide-login-can-be-bypassed/](https://wordpress.org/support/topic/wps-hide-login-can-be-bypassed/)
    -  This reply was modified 8 years, 9 months ago by [hafman](https://wordpress.org/support/users/hafman/).
      Reason: wrong URL entered
 *  Plugin Author [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * (@paultgoodchild)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9498933)
 * I’ll look at the customizer thing, but the reason I asked about how you’re seeing
   the logins is because of this:
    [https://icontrolwp.freshdesk.com/support/solutions/articles/3000058533-sucuri](https://icontrolwp.freshdesk.com/support/solutions/articles/3000058533-sucuri)(
   there’s a link to Wordfence also, and this will explain it further).
 *  Thread Starter [hafman](https://wordpress.org/support/users/hafman/)
 * (@hafman)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9499601)
 * Thanks Paul, I’ve deactivated Sucuri now as Shield does mostly the same without
   scaremongering and bothering me with emails. The login attempts have dropped 
   off almost completely since yesterday.
 *  Plugin Author [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * (@paultgoodchild)
 * [8 years, 9 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9499999)
 * Good call. I hear you on the Scaremongering… I think many folks find it slightly
   addictive. We had a great plugin review on just that ([https://twitter.com/iControlWP/status/899356872226066432](https://twitter.com/iControlWP/status/899356872226066432))
 * So I have a solution to the customize.php issue. It went much deeper than just
   customize and it might present a great long-term solution going forward, but 
   it may need a bit of testing as it could interfere with other random things I’m
   not aware of. Would you be up for that? If so I’ll show you how.
 *  Thread Starter [hafman](https://wordpress.org/support/users/hafman/)
 * (@hafman)
 * [8 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9520128)
 * Hello Paul, yes i would like to test. Sorry for the delay in replying
    – Nick
 *  Plugin Author [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * (@paultgoodchild)
 * [8 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9520459)
 * It’s been released already, so your problem should be fixed

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘wp-admin/customize.php’ is closed to new replies.

 * ![](https://ps.w.org/wp-simple-firewall/assets/icon-256x256.png?rev=3054572)
 * [Shield Security – Smart Bot Blocking, Brute-Force Login Protection & File Scanning](https://wordpress.org/plugins/wp-simple-firewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-simple-firewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-simple-firewall/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-simple-firewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-simple-firewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-simple-firewall/reviews/)

## Tags

 * [brute force](https://wordpress.org/support/topic-tag/brute-force/)
 * [rename login](https://wordpress.org/support/topic-tag/rename-login/)

 * 8 replies
 * 2 participants
 * Last reply from: [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * Last activity: [8 years, 8 months ago](https://wordpress.org/support/topic/wp-admin-customize-php/#post-9520459)
 * Status: resolved