Title: wp-login.php Last modified: August 20, 2016 --- # wp-login.php * [ilian55](https://wordpress.org/support/users/ilian55/) * (@ilian55) * [13 years, 2 months ago](https://wordpress.org/support/topic/wp-loginphp-7/) * Hi there, * I changed the login url, and i forgot it. Now how to log-in the admin area ??? * [http://wordpress.org/extend/plugins/better-wp-security/](http://wordpress.org/extend/plugins/better-wp-security/) Viewing 15 replies - 1 through 15 (of 52 total) 1 [2](https://wordpress.org/support/topic/wp-loginphp-7/page/2/?output_format=md) [3](https://wordpress.org/support/topic/wp-loginphp-7/page/3/?output_format=md) [4](https://wordpress.org/support/topic/wp-loginphp-7/page/4/?output_format=md) [→](https://wordpress.org/support/topic/wp-loginphp-7/page/2/?output_format=md) * [Handoko](https://wordpress.org/support/users/handoko-zhang/) * (@handoko-zhang) * [13 years, 2 months ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542408) * First don’t panic. It is not hard to retrieve the information. * 1. Login to your **cPanel** and then use **File Manager**. You can also use FTP. * 2. Locate your **.htaccess** file. Normally, it located at the root directory. Save it to your local computer and open it using any text editor (Notepad for example). * 3. Pay attention on the text like: **RewriteRule ^**_mylogin_**/?$ /wp-login. php?**_blablabla_** [R,L]** * Note: – _blablabla_ is computer generated secret code – _mylogin_ is your login url * It seems a bit hard, but all you need is examine the .htaccess file carefully, then you will found your login url. * Good luck! * Thread Starter [ilian55](https://wordpress.org/support/users/ilian55/) * (@ilian55) * [13 years, 2 months ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542415) * Hi, there Thanks for the answer. I found it! * [Handoko](https://wordpress.org/support/users/handoko-zhang/) * (@handoko-zhang) * [13 years, 2 months ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542416) * Glad to hear about it. * [geoffg11](https://wordpress.org/support/users/geoffg11/) * (@geoffg11) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542631) * HI Handoko (or anyone that can help), I have the same problem as ilian55. However, I probably know less about this stuff than he. Where is the cPanel? So then I can do what was suggested (i Hope). Thank you very kindly, geoff * [Handoko](https://wordpress.org/support/users/handoko-zhang/) * (@handoko-zhang) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542632) * Which webhost are you using? * Most webhosts use cPanel to let user to connect their website. Unfortunately, as far as I know some webhosts do not use cPanel. * Here is the easy way to test and login to your cPanel. For example your website domain is example.com, you can simple add “/cpanel” at the end, so it becomes: [http://example.com/](http://example.com/)**cpanel** * Try it on your domain, but if it fails, you perhaps need to use FTP to access your website. * Good luck. * [geoffg11](https://wordpress.org/support/users/geoffg11/) * (@geoffg11) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542633) * Thank you for your help. I had tried that, but it didn’t work. It turned out to be much more complex than I had thought, and only partly related to Better WP Security. Again, many thanks. * [Handoko](https://wordpress.org/support/users/handoko-zhang/) * (@handoko-zhang) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542634) * I’m sorry that can’t help. Are you now still not able to login? If you trust me and willing to provide more information, you can contact me directly: handoko_yahu at yahoo.co.id. * [chetan0412](https://wordpress.org/support/users/chetan0412/) * (@chetan0412) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542635) * hi, * how to hide login.php? * [WPyogi](https://wordpress.org/support/users/wpyogi/) * (@wpyogi) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542636) * This may be relevant: [http://wordpress.org/support/topic/brute-force-attacks-and-wordpress?replies=1](http://wordpress.org/support/topic/brute-force-attacks-and-wordpress?replies=1) * [chetan0412](https://wordpress.org/support/users/chetan0412/) * (@chetan0412) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542637) * Thanks for rep. * another question is my BWPS is asking to add following in .htaccess * //BEGIN Better WP Security define( ‘DISALLOW_FILE_EDIT’, true ); define( ‘BWPS_AWAY_MODE’, true ); define( ‘BWPS_FILECHECK’, true ); //END Better WP Security * but m not able to save same in WP-config.php, * after saving when i open WP-CONFIG.php, this two line is coming at the last “// BEGIN Better WP Security //END Better WP Security ” * [geoffg11](https://wordpress.org/support/users/geoffg11/) * (@geoffg11) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542638) * Handoko, Thx, but my issue is resolved. As I said only half due to BWPS. * [Pedja](https://wordpress.org/support/users/batapeky/) * (@batapeky) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542639) * Well, geoffg11 how did you resolve the problem ? Do you wanna share with us, I have the same problem.. what is the solution at the end * [Pedja](https://wordpress.org/support/users/batapeky/) * (@batapeky) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542640) * > 3. Pay attention on the text like: > RewriteRule ^mylogin/?$ /wp-login.php?blablabla[ > R,L] > Note: > – blablabla is computer generated secret code – mylogin is your login > url > It seems a bit hard, but all you need is examine the .htaccess file carefully, > then you will found your login url. * What to examine, here is the .htaccess.. what’s wrong? Btw, secret code is no much secret when shows in url bar.. * ``` # BEGIN Better WP Security Options -Indexes # Begin HackRepair.com Blacklist RewriteEngine on # Abuse Agent Blocking RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR] RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR] RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR] RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR] RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR] RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR] RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR] RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR] RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR] RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR] RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR] RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR] RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR] RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR] RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR] RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR] RewriteCond %{HTTP_USER_AGENT} MFC_Tear_Sample [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR] RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR] RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Nutch [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR] RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR] RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR] RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR] RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR] RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR] RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR] RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR] RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR] RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR] RewriteCond %{HTTP_USER_AGENT} User-Agent [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR] RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR] RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR] RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR] RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR] RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR] RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus\.*Webster [NC,OR] RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC] RewriteRule ^.* - [F,L] # Abuse bot blocking rule end # End HackRepair.com Blacklist Order allow,deny Deny from all Order allow,deny Deny from all Order allow,deny Deny from all Order allow,deny Deny from all Order allow,deny Deny from all RewriteEngine On RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC] RewriteRule ^(.*)$ - [F,L] RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php* RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com.* RewriteCond %{HTTP_REFERER} !^http://jetpack\.wordpress\.com/jetpack-comment/ [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule ^(.*)$ - [F,L] RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR] RewriteCond %{QUERY_STRING} ^.*\.(bash|git|hg|log|svn|swp|cvs) [NC,OR] RewriteCond %{QUERY_STRING} etc/passwd [NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|select|concat|insert|union|declare).* [NC] RewriteCond %{QUERY_STRING} !^loggedout=true RewriteCond %{QUERY_STRING} !^action=rp RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteCond %{HTTP_REFERER} !^http://maps\.googleapis\.com(.*)$ RewriteRule ^(.*)$ - [F,L] RewriteRule ^mycustomloginslug/?$ /wp-login.php?mycustomsecretcode [R,L] RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteRule ^mycustomadminslug/?$ /wp-login.php?mycustomsecretcode&redirect_to=/wp-admin/ [R,L] RewriteRule ^mycustomadminslug/?$ /wp-admin/?mycustomsecretcode [R,L] RewriteRule ^mycustomregslug/?$ /wp-login.php?mycustomsecretcode&action=register [R,L] RewriteCond %{SCRIPT_FILENAME} !^(.*)admin-ajax\.php RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com/wp-admin RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com/wp-login\.php RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com/mycustomloginslug RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com/mycustomadminslug RewriteCond %{HTTP_REFERER} !^(.*)mywebsite.com/mycustomregslug RewriteCond %{QUERY_STRING} !^mycustomsecretcode RewriteCond %{QUERY_STRING} !^action=logout RewriteCond %{QUERY_STRING} !^action=rp RewriteCond %{QUERY_STRING} !^action=register RewriteCond %{QUERY_STRING} !^action=postpass RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteRule ^.*wp-admin/?|^.*wp-login\.php /not_found [R,L] RewriteCond %{QUERY_STRING} ^loggedout=true RewriteRule ^.*$ /wp-login.php?mycustomsecretcode [R,L] # END Better WP Security # BEGIN WordPress RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress ``` * [Handoko](https://wordpress.org/support/users/handoko-zhang/) * (@handoko-zhang) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542641) * [@chetan0412](https://wordpress.org/support/users/chetan0412/): * _how to hide login.php?_ If you’re using WordPress Better Security, goto menu > **Hide Backend** > **Enable Hide Backend** > put your new login url in **Login Slug**. * [@pedja](https://wordpress.org/support/users/pedja/): * _I have the same problem._ What’s the problem? Can you describe more detail? * The line in your .htaccess is: RewriteRule ^**mycustomadminslug**/?$ /wp-admin/? mycustomsecretcode [R,L] * _secret code is no much secret when shows in url bar._ You need to understand how it works: – The secret code won’t show in url if user fail to type the login url – The secret code only shows when user correctly type the login url – You can change the request code whenever you want – So, it’s basically safe – Unfortunately some hackers already know the trick to bypass this login check even they don’t know the secret code * [chetan0412](https://wordpress.org/support/users/chetan0412/) * (@chetan0412) * [13 years, 1 month ago](https://wordpress.org/support/topic/wp-loginphp-7/#post-3542642) * Thanks , * But after enabling WordPress permalinks, my shop page (WooCommerce) is giving 404 error. * _[Post decapped – please [do not use all caps](http://codex.wordpress.org/Forum_Welcome#The_Bad_Stuff) in these forums]_ Viewing 15 replies - 1 through 15 (of 52 total) 1 [2](https://wordpress.org/support/topic/wp-loginphp-7/page/2/?output_format=md) [3](https://wordpress.org/support/topic/wp-loginphp-7/page/3/?output_format=md) [4](https://wordpress.org/support/topic/wp-loginphp-7/page/4/?output_format=md) [→](https://wordpress.org/support/topic/wp-loginphp-7/page/2/?output_format=md) The topic ‘wp-login.php’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 52 replies * 16 participants * Last reply from: [Prabincha](https://wordpress.org/support/users/prabincha/) * Last activity: [12 years, 8 months ago](https://wordpress.org/support/topic/wp-loginphp-7/page/4/#post-3542714) * Status: not resolved