Attackers are able to find the alternative login url

  • I’m not sure (yet) how they do it, but even after setting a complex and completely random login url, attackers immediately are able to find it an try to login.

    So not only is this plugin unsupported, it is also creating a false sense of security now.

    It might even be leaking the alternative login url afaik.

  • The topic ‘Attackers are able to find the alternative login url’ is closed to new replies.