ellatrix / rename-wp-login Goto Github PK
View Code? Open in Web Editor NEWRename wp-login.php
Home Page: https://wordpress.org/plugins/rename-wp-login/
Rename wp-login.php
Home Page: https://wordpress.org/plugins/rename-wp-login/
This plugin is very usefull but since i install my ssl certification when the pluguin was running (and i chage the general setting in my wordpress)... now i cant get access to the url of the login rename (it apear a white page) i try to delete it and install it again but it still run the same
when updating wordpress to the latest version i can't access my control panel. I always receive the notice that my database has been updated and I am redirected to the home page of the website, but not to the control panel.
I tried to rename the plugin by ftp to see if it was disabled but it didn't work. How could I solve the problem and access my dashboard?
I uninstalled the plugin and now i get a redirect to
https://domain.name/wp-login.php?redirect_to=https%3A%2F%2Fdomain.name%2Fwp-admin%2F&reauth=1
And in that page i get an 404 error.
So basically i cannot login to my admin area.. What i should do ?! I do like the plugin, but if it comes with such fails it is not a good thing.
Hi, thank you for making this plugin. I wonder if you can help me, i got problem when using https it breaks the login page styling - any clues ?
Hi,
I was using /login and then I got SSL for my site. After that I was unable to login my site and deactivated all the plugins. I also uninstalled rename-wp-login but when I go to ...com/login still it redirects me to .../wp-login.php
If I reinstall rename-wp-login and change /login to /login2 or something else then it stops the redirect and works as /login2
Any ideas why or how?
Hi,
I'm using WPML and every language has its own domain.
When this plugin was enabled, I could not login on the admin of all the domains. I fixed it by changing one line. Can someone validate if the plugin is still working with this change?
Changed line 292: wp-content/plugins/rename-wp-login/rename-wp-login.php
From:
untrailingslashit( $request['path'] ) === home_url( $this->new_login_slug(), 'relative' ) || (
To:
untrailingslashit( $request['path'] ) === "/" . $this->new_login_slug() || (
Cheers
The plugin has redirected the login page OK. However the site is still sending login attempt emails form the wordpress default module, not this module. Also the brute force settings don't seem to be overwriting the default wordpress ones. Plus blacklist doesn't seem to be working as the attempt came from a IP I'd blackl
isted.
I tried this plugin on my regular Wordpress site, and it works great.
But it doesn't work on my multisite install.
The login page is rewritten fine, to example.com/login/
But after trying to login I get this error:
DNS_PROBE_FINISHED_NXDOMAIN
And looking at the URL it shows as example.comlogin/
I have enabled it Network wide, and saved login as my login URL.
Good morning.
I'm Carlos, I want to ask a question, what happens if I change the name to a page that already exists?
I want to do that because my theme has a function to log in from the page without having to access wp-login.php. What I want to achieve is that no one enters through wp-login. What I can do?
Hi!
with https backend/admin and http website frontend, itis not possible to logout. you stay in backend until the end of time.
rename-wp-login - setup url:
/mylogin
wp-config.php:
define('FORCE_SSL_ADMIN', true); // ADMIN > SSL
,htaccess:
RewriteCond %{SERVER_PORT} !^80$
RewriteRule !^wp-admin|wp-login|wp-register|wp-content|wp-includes|mylogin(.) - [C]
RewriteRule ^(.)$ http://%{SERVER_NAME}/$0 [L]
Logout Link:
http://www.mysite.de/?action=logout&_wpnonce=9e635e1d23
Èverything else works fine. How to fix that Https/Logout Problem?
This plugin make the site redirect to a 404 page when using language name in url.
See https://wpml.org/forums/topic/logout-link-not-working-in-different-language/
There is the same problem in the disconnect link of my account page of woocommerce with WPML.
I noticed that if I go to mysite.com/wp-register.php then a bot could find my new login url.
Hi, :)
Thanks for the hard work you've put into the project. My problem is: everything was working fine as long as I was using Rename WP Login with WP Super Cache, then it occurred to me how about using Cloudflare with Rename WP Login.
OK so I deleted WP Super Cache and it's automatically created files through ftp; then I enabled Cloudflare; after that I couldn't log into my own website. Now I have deleted Rename WP Login plugin but still can't login into my website. I think it's because I didn't cache new login page in Cloudflare. I didn't know how to.
My website url:
https://www.powerqueryanalyst.com/
Thank you very much!!
Hi, i disabled plug-in from a site and now i can't login.
i get 403 access error.
i already deleted plugin folder.
what else can i do? i can't enter admin site to reenable it.
Hi,
I am one of the developers of LoginPress & one of our users reported an issue if your plugin is active (user cannot customise the login errors). We found that this is caused by your plugin.
In our case, We're using login_errors filter to modify the error messages, that is working fine but when I activate your plugin the global variable $errors return Null
that is used in custom.php # 1309
So kindly check the logic of your script – this would not only solve our issue but also helps to limit conflicts with other plugins.
Thank you.
-Abdul Wahab.
I got this error after updating to WP 5.6:
Your site could not complete a loopback request
Loopback requests are used to run scheduled events, and are also used by the built-in editors for themes and plugins to verify code stability.
Problem goes away when disabling this plugin.
Hopefully this plugin still supported and this will be fixed.
Hello,
I have a question about your beautiful and useful plugin.
If I profiler with P3 profiler all my plugins, I see that this plugin (rename wp-login.php) is the slowest in the load (0,663 seconds). You know why?
Thanks
I have a plugin that disables all script and style tags as the default.
It should exclude login screen, and in standard core, that's possible via something like
if ( in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ) ) ) {
return;
}
When RWL is activated, this global becomes index.php
, meaning login screen becomes unidentifiable in the traditional manner.
What's the alternative here?
Also https://core.trac.wordpress.org/ticket/19898 discussion about is_login()
might be of interest - almost made it into 5.3, so might be getting there soon.
In version 1.9 of "rename-wp-login.php", this change is made: WP-admin will now have a 'wp_die()' message instead of a 404 template because this caused problems. I looked at the source and found "wp_die" instead of "$this->set_404();" in the function "public function wp_loaded()". Now, what I want to know is, What could go wrong if I still insist on using set_404? What are the caused problems?
On January 14 I placed a site into debug mode and the following errors have started appearing in the error log:
[21-Jan-2020 09:48:15 UTC] PHP Notice: Undefined index: path in /home/clientsite/public_html/clientsite.org/wp-content/plugins/rename-wp-login/rename-wp-login.php on line 281
[21-Jan-2020 09:48:15 UTC] PHP Notice: Undefined index: path in /home/clientsite/public_html/clientsite.org/wp-content/plugins/rename-wp-login/rename-wp-login.php on line 289
On our installation of your plugin (PHPFPM/NGinx/WP3.6.1) clicking the logout button in the admin area takes us to: http://www.example.com/hiddenlogin/?action=logout&_wpnonce=xxxxxxxxxxxx.
This shows us a login form to login again, but reloading wp-admin loads, and we are actually still logged in.
Hello, the plugin works great but sometimes it not loads the css in the login page.
The page at https://domain.com/manager was not allowed to run insecure content from http://www.domain.com/wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,buttons,forms,l10n,login&ver=1d8acd7e89a11e854b89a07ae8f16eb0.
Could be because, in my settings, I left http inside the site url field?
I also use wordpress https for mixed content fix.
Thanks for any suggestions
Hi,
I found a way to get to the login page, not knowing it's custom name, say it's /opensesame.
When I go to example.com/wp-login.php, I will get an error as expected, and no login-page.
So let's try example.com/wp-admin/customize.php (who knows what it's good for..)
Bingo! I will be redirected to st like:
example.com/opensesame/?redirect_to=example.com%2Fwp-admin%2Fcustomize.php&reauth=1
So this is not really a backdoor entrance, but can't be wanted behaviour, I guess.
I could reproduce this on some pages, but not all, which use your plugin, seems related to .htaccess or whatever
Is Rename wp-login.php Compatible With PHP7
I have 19 sites on a Multisite install and have changed the default /wp-admin using your great plugin.
However when a user logs in to the Network, navigates to sites to see the links to the 19 dashboards, they all point to /wp-admin and when clicked they get "Not available" instead of it linking to whatever the /wp-admin had been changed to.
Is there a setting, or something that needs adding to htaccess in order to change these links?
I believe this plugin is stated to work with WP Multisite however this is what i'd consider to be a major flaw with it.
Would appreciate some help, thanks.
Hello
We use you plugin, and its working great, but there is a message on our backend all the time saying:
"Your login page is now here: http://badgeraustralia.a2hosted.com/rwca/. Bookmark this page!"
Can this be removed please?
Dwayne
Ever since I upgraded to WP 4.5.3 and (finally) started using the new WPMU Dev Domain Mapping (had been using the free and 3 years outdated version before) this plugin doesn't work any more... :-(
Logging on via www.mappeddomain.com/newURL/ will redirect after logging in to www.originaldomain.com/wp-admin/user/
It seems to be an issue between the new Domain Mapping plugin in and the very, very, very old one. As soon as I start using the free version again, Rename works correctly. Unfortunately the old Domain Mapping doesn't create new mapped domains in WP 4.5.3. And switching between the two domain mapping plugins every time I need to create a new mapped domain is not an option. :-(
The entry on the WordPress.org plugin directory has a yellow "may no longer be maintained" banner because it hasn't been updated in 2 years. Some security plugins, ie Wordfence, are flagging it as unsafe and mailing people who have it installed warning them that the plugin is abandoned.
The plugin appears to still be compatible with current versions, so a simple update of the readme.txt should be in order to resolve both of these issues.
In den Plugins steht, dass dieses Plugin noch nicht mit WP 5.4 getestet wurde.
Funktioniert es mit WP 5.4?
Gruß
Rolf
Would it be possible to add an option in the backend to redirect users to either a selected page or to the admin, if they browse to the login page when they are already logged in?
Hi,
I've installed the plugin, and the login is going well.
But if I want to log out of my website, I get a 500 error.
Below are the logout links. The only difference is that wp-login.php is replaced by login/
Plugin on (can`t logout):
https://MYWEBSITE.nl/login/?action=logout&redirect_to=https%3A%2F%2FMYWEBSITE.nl&_wpnonce=36f86dd596
Plugin off (works fine):
https://MYWEBSITE.nl/wp-login.php?action=logout&redirect_to=https%3A%2F%2FMYWEBSITE.nl&_wpnonce=36f86dd596
After installing Rename wp-login.php, I get a warning message in debug.log:
PHP Warning: call_user_func_array() expects parameter 1 to be a valid callback, class '' not found in C:\wamp\www\example\wordpress\wp-includes\plugin.php on line 525
PHP Stack trace:
PHP 1. {main}() C:\wamp\www\example\index.php:0
PHP 2. require() C:\wamp\www\example\index.php:17
PHP 3. require_once() C:\wamp\www\example\wordpress\wp-blog-header.php:12
PHP 4. require_once() C:\wamp\www\example\wordpress\wp-load.php:37
PHP 5. require_once() C:\wamp\www\example\wordpress\wp-config.php:96
PHP 6. do_action() C:\wamp\www\example\wordpress\wp-settings.php:413
PHP 7. call_user_func_array() C:\wamp\www\example\wordpress\wp-includes\plugin.php:525
PHP 8. Rename_WP_Login->wp_loaded() C:\wamp\www\example\wordpress\wp-includes\plugin.php:525
PHP 9. require_once() C:\wamp\www\example\wordpress\wp-content\plugins\rename-wp-login\rename-wp-login.php:334
PHP 10. do_action() C:\wamp\www\example\wordpress\wp-login.php:895
PHP 11. call_user_func_array() C:\wamp\www\example\wordpress\wp-includes\plugin.php:525
line 334 is:
@require_once ABSPATH . 'wp-login.php';
What is causing this?
Just installed and activated rename-wp-login, which all works great.
Except....
As all comments to my blog are moderated, I get an e-mail every time a comment is posted. In such e-mails are a set of links regarding the comment: "Approve It", "Trash It", "Spam It", as well as another link with takes you to the comment moderation panel.
Each of these links takes me through the website wordpress login process. Alas, the 'wp-admin' in these links is not upgrated by your plug-in, such that all of these links no longer function.
Unfortunate, as otherwise it's a great little plug-in.
When a user tries to use forgot password, or the password is reset programmatically, the link they recieve in their email does not take them to the screen to input a new password. Tried on multiple installs, but I have not yet tested it on a blank install.
Translate the plugin to French Canada.
Change default slug from:
login
to:
my-login
Reason: WordPress already works with login
so it is useless to set it to login
.
Hello -
I'm trying to use the Force SSL Administration option in Wordpress HTTPS (SSL) plugin but can't get it working. When trying to login with that option set I get the following message: You must log in to access the admin area. I'm guessing it might be an issue with the wp-login being renamed with your plugin.
I've tried disabling the HTTPS SSL plugin and doing define('FORCE_SSL_ADMIN', true); in wp-config and that worked fine (with the rename wp-login in place). Please advise! Thanks.
If you are allowing people to register on your site (for instance you are using woocommerce to sell things) then all someone has to do is use this and it then shows the 'hidden' folder name in the URL!
http://yoursite.com/wp-register.php
I noticed some hacking activity which wordfence blocked as someone was hammering at the 'hidden' login. After looking at their activity history it was quite obvious this is how they figured it out.
Not sure how to go about getting this fixed?
It appears that it is possible to view the login page when already logged in. I'm using the default /login slug, I've disabled all other plugins and rebuilt the permalinks and the problem seems to persist.
As a result of this, if you get the password wrong at the first attempt, then log in correctly, I was redirected back to the login page so it looked like I still wasn't logged in, but I was in fact.
Good morning,
I've been using this plugin for a while and de-activated it a few weeks ago and things seemed to keep working until I tried to login this morning. I got a "You must log in to access the admin area." error message and so I removed the folder containing the plugin. However when I did so I got a 403 error message "Access to [my site] was denied You don't have authorisation to view this page. HTTP ERROR 403".
It seems, even when inactive, the plugin has changed something structurally with the website. I can see the website address has a redirect in it "https://[my site]/wp-login.php?redirect_to=https%3A%2F%2F[my site]%2Fwp-admin%2F&reauth=1".
Naturally the [my site] is where my site is listed in full. How do I completely flush this plugin from my site pls? I've already FTP'd in and moved/deleted the folder to get this message so what else needs to happen? Pls help!!!
Hello everyone.
I got a problem, I use rename wp-login in 3 websites. I've moved all my websites (13) to another server and I can't login into dashboard of these 3 that I installed rename wp-login. I just see the website normally and the menu bar is incomplete. I cant manage nothing at all.
Could someone help me please?
Hi,
after installing the plugin and updating the URL, the "ribbon" saying:
Your login page is now here: [...]. Bookmark this page!
Appears on every page.
Hi,
it would be cool if I could redirect /wp-admin -> /login (being "login" my chosen string, of course).
This request an external editing i.e htaccess or another redirection plugin, or could be done in next versions of your plugin?
Actually if I visit mysite.it/wp-admin I can see a message "You must log in to access the admin area.", and would be better to remove it in a "clear" way.
Thanks!
Could you update the Change Log to reflect the most recent version.
Thank you.
Hello,
Love the plug-in. Has decreased my mass attack alerts significantly (Since the lazy hackers only look for wp-admin function).
My only issue is that when I try to insert content from the media library into a post or page, the "media Library" thumbnails do not display. When I disable the Rename-WP-login plug in, the site functions normally and I can load media into post.
I can see the media in "list" mode, but not thumbnail mode (See attached) with plugin active.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.