User Registration Email Default wp-login.php

  • I have just set up user registration. And checked it via an email account. On the email sent (I assume) by wordpress. It says “Username: Username, Password: Password. Then provides the url to log in at which ends in wp-login.php. However, that is the standard login and so should be avoided and changed for security reasons. So why does wordpress send that as the user login url, rather than reading what the actual url is that it has been changed to and send that via email? Otherwise sites using security plugins will provide a 404 or no error message (based on options) so the new user will become confused (or potentially locked out or banned).

Viewing 1 replies (of 1 total)

  • Hi, @scoc.

    So why does wordpress send that as the user login url, rather than reading what the actual url is that it has been changed to and send that via email?

    Basically, because whatever security plugin you’re using didn’t also do something to override the login URLs in the registration emails (such as replacing the wp_new_user_notification function, or using the login_url filter).

    (Some such plugins simply hide the login URL by adding certain rules to the .htaccess file, but that method doesn’t literally change all of WordPress’s own internal references to the wp-login.php file.)

    • This reply was modified 8 years, 2 months ago by girlieworks.
Viewing 1 replies (of 1 total)
  • The topic ‘User Registration Email Default wp-login.php’ is closed to new replies.