How to mask the admin area as a 404 error

  • Resolved merelik

    (@merelik)


    1 year, 5 months ago

    Hi there,

    I want to mask admin area as standard 404 page. When I turn “Mask admin area” on, I don’t see this option. By default it gives 500 error “This feature is forbidden temporarily for security reason. Try login again.” on admin area page. All other options I have are to switch to a redirect to another page. But how can I show the standard 404 page and 404 respond on the standard WordPress admin area url?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Williams – WPMU DEV Support

    (@wpmudev-support8)

    Hi @merelik

    I hope you’re well today!

    Yes, it gives the error message by default.

    You can, however, use the redirect option to simply redirect to a non-existing URL on the page.

    So:

    – enable login masking and set your login URL there
    – set “Redirect traffic” option to “Custom URL”
    – and put URL similar to

    https://yoursite.com/nothing-here

    in “Redirection URL” field.

    It can be any URL but for your needs you’d like it to be in your domain but with non-existing slug.

    So user will be redirected to that URL and site will automatically issue standard WordPress 404 page (along with 404 HTTP status).

    Best regards,
    Adam

    Thread Starter merelik

    (@merelik)

    Adam, thanks for the reply. I understand that. That’s why I asked how to do it without a redirect. Because when a visitor goes to the actual 404 page, he gets the 404 response and the content of the 404 page without a redirect. But if he goes to the admin area, he will get the redirect first and then the 404 response and the 404 page content. As far as I understand, Defender does not have this feature (I mean masking the admin area as a 404 page without redirect)?

    Plugin Support Kris – WPMU DEV Support

    (@wpmudevsupport13)

    Hi @merelik

    Yes, Defender does not have such a feature. Please note 404 page is completely different from the login page. 404 page relies on a 404.php file from WP core or a 404 template file from your theme if that one supports that page. The default login page relies on wp-login.php which is reserved for admin login.

    Now, Defender relies on that file(wp-login.php) as well as a login page which will have a different slug -> that will be your new Masking URL slug.

    What you are trying to achieve is to make your default wp-login.php act like a 404 page. At this point, if the login page starts working like a 404 page, Defender will not be able to rely on login page. That is why redirect is needed here. In the first place Defender blocks access to that page and all default slugs (wp-login.php / login / wp-admin). Later on, it implements your new login slug. In the final stage, it allows to use of those default login slugs and simply redirects them.

    Hope this puts more light that this will be not possible without redirection.

    Kind Regards,
    Kris

    Thread Starter merelik

    (@merelik)

    Kris, thank you for such an extended answer and for your time. You are doing a great job.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘How to mask the admin area as a 404 error’ is closed to new replies.