tabrisrp / wps-hide-login Goto Github PK
View Code? Open in Web Editor NEWThis project forked from ellatrix/rename-wp-login
WPS Hide Login
This project forked from ellatrix/rename-wp-login
WPS Hide Login
The plugin doesn't change the URL structure in the default email template sent to users when they change their email address.
The URL I see in the email looks like this:
https://URL.com/wp-admin/profile.php?newuseremail=fefaa798051ccd2c2b7bebd5d0
Since all traffic to /wp-admin/ goes to the 404 page by the design of the plugin, users are unable to confirm change of their email address.
Hello,
I wanted to try your plugin. After install It won't be activated. I'm getting this error message:
Parse error: syntax error, unexpected T_USE, expecting T_FUNCTION in ..................wp-content/plugins/wps-hide-login/classes/plugin.php on line 8
I tried to disable all plugins if I will see some compatibility issue with other plugins. It didn't help. Maybe it's an issue with WP theme.
Do you have an idea what I can try to do?
Thank you,
L.
I have completely forgotten what I named my login page. I have FTP access to my server, is it possible to see what my login page is?
Dear Developers!
I'm sorry, I do not really speak good English. I have not been able to sign in and can not access the admin interface since Wordpress update. I managed to find out that unfortunately the plugin caused the problem. Please correct the error!
After completing the second factor for login and it redirects to wp-admin it still says it's disabled, not recognising a successful login has taken place.
After a few minutes after logging in, even if I try to move to the page I want, it moves to the .
It would be a helpful option if you could select the targets to which you are forwarded.
https://wordpress.org/support/topic/redirect-page-6/
Hi! I found a problem in case when the url of WP Admin is different than url of wordpress site. After login the plugin redirect user to 404 page.
How to reproduce?
What we expect
The plugin should redirect user to /wp-admin/ in Wordpress Address (URL).
Hi,
Do you mind if I clean the checkstyle of your WordPress plugin?
I just updated to version 1.5.4.
Since then, the 'login url' has changed.
I'm using 'wordpress url' and 'site url' differently.
'wordpress url' is http://mysite.com/wordpress
'site url' is http://mysite.com
Before the plugin update, the 'login url' was http://mysite.com/login/, but after the update it became http://mysite.com/wordpress/login/.
Where can i report bugs ?
Hey,
Great plugin. When I had a user, say for example "test user" use forget password, the email link doesn't include a "%20" where the space should be in the link.
The sample link would be <http://testsite.com/new_wp/?action=rpQWAadSstAn6mlAzRec0z&login=Test User> rather than http://testsite.com/new_wp/?action=rpQWAadSstAn6mlAzRec0z&login=Test%20User
Hi.. Did is possible when the plugin is installed and the login page renamed to insert the file wp-login.php in the Wordfence blacklist causing the block of all malicious hit to wp-login.php..?
This is an important question
Thanks very much for help
Tried this plugin on my site and it would not work because I was being directed to http address instead of https. My site is configured to use http for viewing the website but https when logging in or using the admin. There doesn't appear to be a way to change the part of the address that sets this which I believe is what is causing the plugin to not work properly with my site.
Cannot find it in settings general....no appearing
Hi
I have used this plugin on 3 sites, only one of which takes comments, and on that site the authors report that they can't approve comments via the usual inline email message links, which I presume is because the standard login route has been modified. Can this be resolved or do I need to look at an alternative way to hide the login where comments notification links are emailed out for approval?
Thanks
I use WHL on many sites, this is my first one with BuddyPress, but the official plugin description specifically states they should play nice together.
Issue is this... When both WHL and BP are active, the login page gets refreshed after a successful login, rather than a redirect anywhere. If WHL is disabled and (wp-login is used), successful redirect to admin page after login. If BP is disabled, successful redirect after login.
It's a completely fresh install for a new BP project. WP 4.7.1 (6 dec 2016) with BP 2.7.3 (7 dec 2016) and WHL 1.1.7 (18 dec 2016). Tried the 2017, 2015 and 2013 (unmodified) default WP themes and some redirect-on-login plugins with no change. All plugins disabled one at a time until the interaction between WHL and BP was confirmed.
Thoughts?
There must be a hole in the plugin, because for some time now hackers discover my login address even if I change it to not dictionary string (e.g. "A7jkj4hT6"). Today I changed it again and it took someone 20 minutes to find it and try to login (failed luckily) :)
By the way the plugin removes any special characters from address and only letters and numbers are working. But that is not a big problem :)
So please investigate if you can. I like your plugin very much but there was no update for a long time. If you need some more details please let me know, I'll see what I can provide.
Best regards.
I have a question
Would it be possible to change only one url, for example wp-login.php and keep wp-admin.php present?
Because I only want to change wp-login.php but for hosting I need not change wp-admin.php
I am sorry for my English.
In my site when using wps-hide-login plugin if i opened 404 page the login url in that page will be only '#'
after deep looking in the plugin code i found that there's condition to do that in wps-hide-login/classes/plugin.php#687
/**
*
* Update url redirect : wp-admin/options.php
*
* @param $login_url
* @param $redirect
* @param $force_reauth
*
* @return string
*/
public function login_url( $login_url, $redirect, $force_reauth ) {
if ( is_404() ) {
return '#';
}
if ( $force_reauth === false ) {
return $login_url;
}
if ( empty( $redirect ) ) {
return $login_url;
}
$redirect = explode( '?', $redirect );
if ( $redirect[0] === admin_url( 'options.php' ) ) {
$login_url = admin_url();
}
return $login_url;
}
but i am wondering why ? why not just leave the login url as it in 404 page?
Hi, I used wps-hide-login to have a customize admin login page. When i used the customize admin login page and log in my account, I will be redirected to /wp-admin which is disabled. Any suggestion?
We're using the plugin fine(thanks for all of your work!), but we have been (still) getting hack attempts where the security plugin(Wordfence) tells us people are repeatedly trying to login, adn getting blocked. I noticed the form action also goes to the new, obfuscated URL, but I'm wondering if a 'curl' POST to the original wp-login.php URL would succeed. I'm wondering also if these attempts are script based...
I was going to add a CSRF plugin to try to make sure that the person logging in actually started the session with a GET.
thoughts or recommendations??
Hi,
I'm facing an issue with WP installed in its own custom directory (e.g. /wp) and the User Switching plugin.
When switching to another user (e.g from admin to editor) and trying to switch back, I get the error:
Could not switch users.
Steps to reproduce:
By deactivating WPS Hide Login it works as expected.
The switch action posted to wp-login.php is switch_to_olduser
.
The URL without WPS Hide Login is:
https://test.dev/wp/wp-login.php?action=switch_to_olduser&nr=1&_wpnonce=xxx&redirect_to=https%3A%2F%2Ftest.dev%wp%2Fwp-admin%2F%3Fuser_switched%3Dtrue
with WPS Hide Login activated:
https://test.dev/login/?action=switch_to_olduser&nr=1&_wpnonce=xxx&redirect_to=https%3A%2F%2Ftest.dev%wp%2Fwp-admin%2F%3Fuser_switched%3Dtrue
Note: with WP installed in the root it works as expected.
Thanks
The conditional check below searches for the occurrence of wp-signup
in the URL. If found, it prevents the plugin from being activated with the the message of This feature is not enabled
.
https://github.com/Tabrisrp/wps-hide-login/blob/master/wps-hide-login.php#L356
We have a plugin called Signup Referrals (https://affiliatewp.com/add-ons/pro/signup-referrals/) which has a folder and file name of affiliatewp-signup-referrals
Since the URL at activation contains wp-signup
, it's not possible for our customers to activate our plugin when also using WPS Hide Login:
/wp-admin/plugins.php?action=activate&plugin=affiliatewp-signup-referrals%2Faffiliatewp-signup-referrals.php&plugin_status=all&paged=1&s&_wpnonce=b09bdf0737
Could you kindly update the conditional check so it takes into consideration other plugins that may use wp-signup
in the URL?
Thank you
Hello, I was wondering if you could add an option where an administrator could disable the /wp-admin/ and /wp-login/ pages where they would bring up a 404 error to visitors instead of them being redirected to the actual login page.
Thanks,
Tom
Hi,
I'm using this plugin on several websites. It has always worked as expected.
But now I have an issue on a website with qTranslate X plugin.
I'm using Pre-Path Mode (Default, puts /en/ in front of URL, even for default language).
If I set the login URL: mywebsite.com/en/login/
when I try to go to mywebsite.com/en/login/ I get a 404 error page.
I saw that $_SERVER['REQUEST_URI']
is:
mywebsite.com/en/en/login/
so it's like it adds an additional “en/” to the URL.
Could you reproduce the issue?
qTranslate plugin is free and fairly popular: https://wordpress.org/plugins/qtranslate-x/
Thanks
Davide
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.