• Resolved wordpressisthebest

    (@wordpressisthebest)


    Hey! I got 25 login attempts this morning. I have this login enabled and login page is very unique.

    I just wonder how hackers can try to log in when I have the login page changed.

Viewing 15 replies - 1 through 15 (of 15 total)
  • Plugin Author NicolasKulka

    (@nicolaskulka)

    Is it possible to register on your site?

    Thread Starter wordpressisthebest

    (@wordpressisthebest)

    I think no.

    Plugin Author NicolasKulka

    (@nicolaskulka)

    You should check that, and also check that an extension does not write the admin URL into your site's page source, for example.

    Thread Starter wordpressisthebest

    (@wordpressisthebest)

    Like, I try going to mysite.com/wp-login but it gives me the 404 error. So I am just wondering how this hacker found out my login page if he tried to log in to my site?

    To my knowledge, my WP-login works only from the unique URL.

    Thread Starter wordpressisthebest

    (@wordpressisthebest)

    I do not have registration enabled.

    So do you have any idea how they knew the login page?

    How do I check if an extension does write the admin URL?

    I’ve had this problem too. I’m new to WordPress and certainly no expert. I’m on IONOS host running up to date WordPress 5.02 and PHP 7.2.

    I’m using WPS Hide and Limit and a hacker has been steadily targeting my site. New site, no crucial data, etc. so I’m fine. Lots of login attempts. Didn’t know the attacker could find out my login name! I added

    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/wp-admin [NC]
    RewriteCond %{QUERY_STRING} author=\d
    RewriteRule ^ /? [L,R=301]

    to my htaccess file per a recent blog article I read and created a new admin account, deleted the old.

    I had changed my login url to something like loginhntvo4t94832 and the attacker found it somehow! At any rate…I’m learning! lol

    I have the same problem as the OP.

    The attackers still find the new URL created by WPS Hide Login plugin.

    I think this issue needs to be addressed asap.

    Plugin Author NicolasKulka

    (@nicolaskulka)

    It’s up to you to tell me how he found it and I’ll do a fix.

    Is it due to another plugin that you have that shows this URL somewhere in the source code of the page? I do not know.

    I don’t think it’s your plugin. I think it’s weaknesses in WP.
    My website does not allow people to sign up. I’m the only one with access. Hackers were finding my user name and login address. Having done some WP security research and reading over an afternoon, I decided to take the advice of what I found here (https://blog.templatetoaster.com/wordpress-htaccess-file-guide/) and added the following to the end of my htaccess file –

    # Block Viewing of User Name
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/wp-admin [NC]
    RewriteCond %{QUERY_STRING} author=\d
    RewriteRule ^ /? [L,R=301]

    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    allow from 123.123.123.123
    </Files>

    Since doing this and creating new admin account, deleting the old, and creating a new login URL, (just to be safe and give my site a fresh start) I’ve had no attempts. It’s been about a week now. We’ll see if it lasts.
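An added example, not part of any post in this thread: a short Python triage of a web-server access log that shows which entry point the reported attempts actually used, covering the `?author=` lookups and `xmlrpc.php` requests that the rules above block. The log lines, IP addresses and the slug `my-hidden-login` are constructed for illustration, and the Combined Log Format is assumed.

```python
import re
from collections import Counter

# Combined Log Format: ip - - [time] "METHOD path PROTO" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(method, path, login_slug):
    """Label a request by the WordPress entry point it touches, else None."""
    base, _, query = path.partition("?")
    base = base.rstrip("/") or "/"
    if method == "POST" and base.endswith("/xmlrpc.php"):
        return "xmlrpc_post"          # XML-RPC request; never touches the login page
    if re.search(r"(^|&)author=\d", query) and not base.startswith("/wp-admin"):
        return "author_enum"          # ?author=N outside /wp-admin, as in the posted rule
    if method == "POST" and base == "/" + login_slug.strip("/"):
        return "hidden_login_post"    # the renamed login URL really is known
    if base == "/wp-login.php":
        return "default_login_probe"  # expected to 404 with the plugin active
    return None

def triage(log_lines, login_slug):
    """Count labelled requests per (label, client IP)."""
    hits = Counter()
    for line in log_lines:
        m = LINE.match(line)
        if m:
            ip, method, path, _status = m.groups()
            label = classify(method, path, login_slug)
            if label:
                hits[(label, ip)] += 1
    return hits

# Constructed sample lines (documentation IP ranges); "my-hidden-login" is a
# hypothetical slug standing in for the one configured in WPS Hide Login.
SAMPLE = [
    '203.0.113.7 - - [10/Jan/2019:06:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-"',
    '203.0.113.7 - - [10/Jan/2019:06:01:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-"',
    '198.51.100.9 - - [10/Jan/2019:06:02:00 +0000] "GET /?author=1 HTTP/1.1" 301 - "-" "-"',
    '198.51.100.9 - - [10/Jan/2019:06:02:09 +0000] "GET /wp-login.php HTTP/1.1" 404 512 "-" "-"',
    '192.0.2.44 - - [10/Jan/2019:06:03:00 +0000] "POST /my-hidden-login/ HTTP/1.1" 200 2310 "-" "-"',
    '192.0.2.44 - - [10/Jan/2019:06:04:00 +0000] "GET /wp-admin/edit.php?author=2 HTTP/1.1" 200 9000 "-" "-"',
]

if __name__ == "__main__":
    for (label, ip), n in sorted(triage(SAMPLE, "my-hidden-login").items()):
        print(f"{label:20} {ip:15} {n}")
```

Requests counted under `xmlrpc_post` never requested the renamed login page, so on their own they say nothing about whether the new URL was discovered; only `hidden_login_post` entries show that.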

    Having the same issue here.

    Basic site with no real plugins and was getting login attempts. Added your plugin as I use it on other sites and it went quiet for a day, but now since last night a login attempt every hour or so.

    I tested the login page and get 404 on normal WP admin page so not sure what’s going on.

    Edit: just changed the url and still getting attempts.

    Read my reply above you. It has worked for me. See if it helps you and please report back either way with feedback for others.

    Plugin Author NicolasKulka

    (@nicolaskulka)

    Deactivate XMLRPC

    I have the same issue.

    I use Sucuri on some sites and Wordfence on others.

    So I am getting constant notifications of a person (or robot) trying to login to my site.

    I was excited to find the WPS Hide Login plugin because I thought it would change this!

    But it did not.

    Somehow the hackers appear to have found the new login page.

    At least I keep getting Sucuri and Wordfence notices that someone tried to login and failed.

    I will try deactivating XML-RPC as you suggested, Nicolas.

    Although I use Jetpack and my sites are all connected via Jetpack to WordPress.com

    I am not sure if disabling XMLRPC will break those connections?

    Has anyone found a verified solution to this problem? Same thing has been happening to me and I have tried all the things suggested above

    Plugin Author NicolasKulka

    (@nicolaskulka)

    Hello,
    Corrections are in progress to prevent recurring problems. I will release a new version of the plugin.

  • The topic ‘Can hackers find out the new login page?’ is closed to new replies.