Infinite login loop

Hi,

Could you enable your JS console when your are attempting to login from one of the affected sites, to do this (chrome):
Press CTRL+SHIFT+J (CMD+OPT+J on a Mac) or F12
A Developer Tools sub-window should appear, as in the screenshot below
In the Developer Tools window, click the ‘Console’ tab

Can you let me know what errors you see and if possible provide a screenshot?

Hi,
first of all thanks for answering.
I already checked it, but nothing is reported in the console.
Anyway, I’m attaching you the screenshot: https://postimg.cc/LYg3vmQd

PS: just one screenshot, because before and after the form submission the screen/console are exactly the same

That console isn’t giving much away!
Would you be able to provide the URL of one of the sites?

You can try with https://www.casavela.it/accesso (your plugin is on, WPS Hide Login is off).

I also checked the server/php log file, there is nothing there too

I am having this same problem. Was there ever any solution?

• This reply was modified 3 years, 2 months ago by InventiveWebDesign.

Theres a couple of things your could try, the first is very basic so it’s worth checking, the second is a bit more involved.

In the WordPress admin area, can you go Settings ? General page and check the site URL’s
If these URLs are incorrect, then WordPress will redirect you back to the login page.

You could also try regenerating your .htacess file
Sometimes the .htaccess file can get corrupted.
Simply access your website through an FTP client or via the File Manager app in your hosting account dashboard.
Once connected, locate the .htaccess file in the root folder of your website and download it to your computer as backup.`
After that, go ahead and delete the .htaccess file from your website.
Next, open the wp-admin directory and if there is a .htaccess file there, then go ahead and delete it as well.
Login to your site go Settings ? Permalinks page in WordPress admin area and click on the Save button without making any changes. This will generate a new .htaccess file for your website.`
Finally, activate the login redirect functionality and see if you get the same issues.

Hi, thanks for the hint!
I found the problem, is about an instruction in the htaccess

#### Force HTTPS://WWW and remove trailing / from files ####
## Turn on rewrite engine
RewriteEngine on
# Remove trailing slash from non-filepath urls
RewriteCond %{REQUEST_URI} /(.+)/$
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/wp-json
RewriteCond %{REQUEST_URI} !^/wp-json/
RewriteRule ^ https://www.casavela.it/%1 [R=301,L]

If I remove it, login works.
Now I added a row before the RewriteRule,
RewriteCond %{REQUEST_URI} !^/accesso/
and it works: despite the word I inserted in the setting page “brute force -> rename login” is “/accesso”, login form’s action is “/accesso/”, with trailing slash.

Thanks again

Is there a way to hide/anonymize site/login’s url in this topic? Otherwire I’ve to change it and communicate it to site’s owner…

You can edit your posts, you can then change any sensitive info to something like /mysiteurl/, mysite etc

Do you believe me if I tell you that I can’t find the edit button?