Some features not working on child blogs

  • Resolved glyndavidson

    (@glyndavidson)


    9 years, 11 months ago

    Hi,

    The CPU usage of my WordPress Multisite has recently seen a massive increase. Looking at the stats, wp-login.php is responsible for a huge amount of the requests so I’ve been looking at renaming the login page via the All In One WP Security & Firewall plugin.

    However, whilst the rename login page and cookie based brute force prevention work perfectly on the main blog, they don’t work on child blogs.

    Rename login page has no effect whatsoever on the child blogs, and if cookie based brute prevention is enabled, I can’t access the login page using the secret word on the child blogs.

    Is this normal or is it specific to my installation?

    Many thanks

    Glyn

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi Glyn is the plugin also installed in the child blogs and configured in the child blogs?

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Currently the whole brute force menu is not applicable to the child sites.
    This is an historical decision whereby we had to disable the brute force menu in the child site dashboard because at the time we only had the cookie based brute force feature and this was causing issues when applied to child sites (because there is only a single .htaccess file which serves all sites in a multisite installation).

    We will investigate further to see if we can make the rename login feature available to be enabled and configured for the child sites too.

    Thread Starter glyndavidson

    (@glyndavidson)

    Thanks for the response guys, for completeness; yes, the plugin is activated on the child blogs (Although I also tried network activating).

    I can see that enabling the secret cookie adds a few lines to .htaccess, one of which being:

    RewriteCond %{REQUEST_URI} (wp-admin|wp-login)

    I don’t know enough about rewrite rules, but is it not just a matter of adding wildcards to the URLs? Granted, my simple and theoretical solution would force the entire network to use the same “secret word”, but as an interim fix this is fine for my installation (I don’t allow blog admins access to security settings anyway).

    Thanks again for the response, makes a nice change to see developers offering support.

    Thread Starter glyndavidson

    (@glyndavidson)

    Since starting this thread 20 hours ago, I’ve had 98 lockout emails from just 1 child blog :s

    Thread Starter glyndavidson

    (@glyndavidson)

    Just wondering if any progress has been made with this?

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Just wondering if any progress has been made with this?

    Sorry not yet mate – a bit snowed under currently.

    It is on our radar and hopefully won’t be too long.

    I was thinking that the easiest solution would be to introduce the “Rename Login Page” feature into the child blog menus. This will be easier than making the cookie based brute feature work for child blogs.
    Would that be ok from your perspective?

    Thread Starter glyndavidson

    (@glyndavidson)

    Having the “Rename Login Page” on child blogs would be a massive help. Really appreciate you giving up your time to look into this. Thank you.

    This would be very useful for me, too.
    Thank you for being right on top!

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, are you still having issues with your Child Blogs and Brute Force -> Rename Login Page security feature?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    I am marking this thread as resolved. No replies in 10 months.

    Thank you

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Some features not working on child blogs’ is closed to new replies.