Login Protection – Password

  • Resolved curtm275

    (@curtm275)


    1 year ago

    I’d like to enable login protection for Username + Password to protect the default WP login page, but when I do – the login credentials are not accepted. I don’t receive any error message, the page just reloads and the username and password are not accepted.

    Deleting the bf_conf.php file allows me to get back in to the site.

    What can I do to use this feature correctly?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author nintechnet

    (@nintechnet)

    The protection relies on PHP session cookies.
    If you go to NinjaFirewall > Dashboard, do you see any error or warning about PHP sessions?

    Thread Starter curtm275

    (@curtm275)

    No, I don’t see any error or warning. Could it be caused by caching? Are there files or directories I need to exclude from cache?

    Plugin Author nintechnet

    (@nintechnet)

    Normally, a caching plugin shouldn’t cache the login page (or any PHP script) because that would be a security risk. Additionally, the firewall sends HTTP headers asking to not cache the page.
    You can still try to temporarily disable your caching application, just to ensure it is not misconfigured.
    If you set the protection to captcha instead of login/password, do you face the same problem?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Login Protection – Password’ is closed to new replies.