BUG FIX: For lost password page in 'Hide Login Area'

  • When activating the ‘Hide Login Area’ on a multisite setup. The lost password page does not work correctly because the link that the form posts to is: wp-login.php and hence this then results in a 404 page.

    The reason that this seems to be happening is that in the wp-login.php page the lost password form is using the function ‘network_site_url()’ to generate the form action. however all other forms (register form, login form ..etc) use the function ‘site_url()’ to generate their form action.

    Looking at the class: /modules/free/hide-backend/class-itsec-hide-backend.php
    Line: 49

    We can see that we have the line:
    add_filter( ‘site_url’, array( $this, ‘filter_login_url’ ), 10, 2 );

    However, straight after this line, we need to add the line:
    add_filter( ‘network_site_url’, array( $this, ‘filter_login_url’ ), 10, 2 );

    This will mean that both the ‘site_url’ and the ‘network_site_url’ will be filtered correctly and will fix the issue with the lost password form not working, on a multisite setup.

    Is this something that you will be able to get added to your code repository as a patch fix.

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘BUG FIX: For lost password page in 'Hide Login Area'’ is closed to new replies.