ModSecurity Failed Login Rule Triggered Just Loading Login Page

  • I was testing a plug-in for customizing the login page. I had to reload the page a few times to see the changes. I then started getting 401 errors. I checked my server logs and see that just by loading wp-login.php, it is seen by the server as a failed login attempt. So apparently just loading the login page is equivalent to submitting the login with no credentials. Not very slick.

    Anyone run into this and figured a way around it aside from disabling the modsecurity rule?

    I suppose it’s no big deal to temporarily disable the rule while testing. I can’t see a realistic scenario of a legit user reloading the login page 3 times in row without trying to login.

Viewing 1 replies (of 1 total)

  • hey consultant1027,

    You may want to check with the author of the plugin and see if they can provide support for you. If the plugin is hosted on www.ads-software.com there should be a support form for that plugin.

    Hope this helps!
    –AJ

Viewing 1 replies (of 1 total)
  • The topic ‘ModSecurity Failed Login Rule Triggered Just Loading Login Page’ is closed to new replies.