hide-login-page

Hello. The plugin works, but contains a bug that blocks access to regular pages created by the user. We use: WordPress 6.3.2. Plugin — Hide login page and admin area of WordPressAuthor: Webcraftic. Version 1.1.9 Problem: Activating the «Hide login page» option in the plugin blocks access not only to wp-login.php and wp-signup.php, BUT also to a regular page that has the URL — /login (page — /login) . How to avoid mistakenly blocking access to the URL /login?

This sort of works… for about a split second. Type yoursite/wp-admin immediately reveals the ‘hidden’ login page 🙁 Not sure if wordpress is redirecting to the hidden page or if some other plugin is doing that. In either case this does not protect the login page if someone types yoursite/wp-admin instead of wp-login.php 🙁

Excellent security from Clearfy/Webcraftic THANKS UPDATE: 5/22/22 We keep going back to this company. We’re glad they’re still around! see our comments on their Clearfy + Disable Comments. Bob + Steph Fox «;-) n Kitty {‘;-D

I don’t recommend this plugin to anyone. Firstly, as explained by another user in the support forum, it is possible for a hacker to circumvent this and all other plugins of this type if they use Firefox. So if none of the hackers that know this happen to target your site, you’ll be fine, but it is highly probable that you will still be targeted by brute-force attacks. You’ll get fewer of them, but won’t eliminate them. As if that isn’t bad enough, after using this plugin for a while, both the default login page and the custom one generated by this plugin returned a 404, locking me out of my admin panel. I had to manually delete or rename the plugin folder in my file manager in order to regain access. No plugin is worth that kind of a headache, particularly if it isn’t even blocking all attacks to begin with. Aside from all that is the fact that this plugin receives absolutely zero support. Check the support forum and you will easily see that the developer has never responded to anything, ever. So, if it happens to work for you, great. But it probably won’t, and if it doesn’t, you will get absolutely no help. Just use a good password and maybe throw in a plugin like Limit Login Attempts or Wordfence or something of that nature.

I already have «limit login attempts» installed along with «two factor login» but that doesn’t stop hackers from trying. They get logged out after three attempts but then a change of IP address and they try again. So far today in the 15 hours since midnight I’ve had 166 logouts on one of my sites. Each time I get an email advising me. I’ve just installed this plugin and it’s all stopped. How about that!! I must confess I was concerned about the install just in case something went wrong but all is well. Any author who is willing to offer their expertise free of any formal charge is to be commended. Thank you very much. I only think it’s a pity the author does not acknowledge and respond to the one or two people who ask for assistance but from me it’s five stars. EDIT I guess it either works and gets five stars or it doesn’t and gets one star. Despite having changed my login address to something «unguessable» and known only to me, a hacker has found the login page. This is not the first time. I reported this in a support thread some while ago and the author claimed it was not possible. I can only say the author needs to look again as right now this plugin has a security flaw that somehow allows a hacker to penetrate it. Perhaps because it’s not been updated for some while and needs some further attention. Pity as it was doing so well.

Thank You