• Hi there,

    I have hidden my login form and I added an additional authentication over it. But I still get some bots that are trying to log in as admin. wp-login/wp-login.php/ wp-admin and wp-admin.php are all protected or redirect to a 404. So does anyone have an idea how they get to the login form and how I can prevent this?

    Thank you

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Try changing the name of the hidden login form URL. Bots usually try several hundred English-based URLs, but if you choose something like “enter-here” you could get rid of them.

    Also, be sure you don't advertise your login form anywhere on the public website, and that you don't allow users to sign up.

    Thread Starter agitana

    (@agitana)

    A signup does not exist and we don't advertise any login on our sites.

    The URL is already changed and, like I wrote, secured with authentication via .htpasswd, and despite that the attacker finds a way to get to the login form. This is what bothers me.

    If the attacker “knows” your super secret login page, it is because “it” has access to your htaccess file; then he or she just reads it and knows where to knock knock.

    By the way, view the source code of your pages, to be sure there are no links to your login page. Also, be sure there are no more users than your own, and change your user password just to be sure you are not compromised.

    Thread Starter agitana

    (@agitana)

    Thank you for your suggestions. But I didn't find any clue in the source code for login or admin.

    I have the following in my htaccess. I thought this would make it inaccessible for visitors?

    <FilesMatch "(\.htaccess|\.htpasswd|wp-config\.php|liesmich\.html|readme\.html)">
      order deny,allow
      deny from all
    </FilesMatch>

    Are there any other users apart from yours?
    Your htaccess rule is not covering wp-signup.php and wp-login.php.
    Add an allow from your IP to that rule, so that only you can enter.

    This is a VPS? Are you aware of the IPs from where the offender(s) come from?

    Thread Starter agitana

    (@agitana)

    Your htaccess rule is not covering wp-signup.php and wp-login.php.

    Sorry, I didn't write it, but they are covered too. But I just discovered that one URL was leading to the login page. Nice. Thank you for the tip.

    Are you aware of the IPs from where the offender(s) come from?

    Yes. I got the logs. Why?

    This is a VPS?

    Sorry, but I am a noob here. I don't even know what that means.

    OK, maybe now that you have discovered the hidden link to your login page, you will be able to hide it well. Don’t forget to rename the hidden login URL after deleting the links in your website.

    Don’t bother with the other questions. If you found the link, just hide it.

    Thread Starter agitana

    (@agitana)

    It wasn’t a link on the website. The wp-signup was just leading to the login-page. I fixed that.

    Big thanks for your help
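
Added example, not part of the original thread: the access logs mentioned above can show how clients reached the hidden login URL, by looking at the request each client made immediately before its first hit on it. The log lines are constructed, and `/enter-here` stands in for the renamed login path (an assumption, borrowed from the suggestion earlier in the thread).

```python
import re
from collections import Counter

# Constructed sample lines in Apache combined log format (not from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2015:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 404 512 "-" "bot"
203.0.113.7 - - [10/Mar/2015:10:00:02 +0000] "GET /wp-signup.php HTTP/1.1" 302 0 "-" "bot"
203.0.113.7 - - [10/Mar/2015:10:00:03 +0000] "GET /enter-here HTTP/1.1" 401 381 "-" "bot"
198.51.100.9 - - [10/Mar/2015:10:05:00 +0000] "GET / HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2015:10:06:10 +0000] "GET /wp-signup.php HTTP/1.1" 302 0 "-" "bot"
198.51.100.4 - - [10/Mar/2015:10:06:11 +0000] "POST /enter-here HTTP/1.1" 401 381 "-" "bot"
192.0.2.55 - - [10/Mar/2015:11:00:00 +0000] "GET /enter-here HTTP/1.1" 401 381 "-" "Mozilla/5.0"
"""

# client IP, method, requested URL, response status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def entry_points(log_text, login_path):
    """Count the (path, status) each client requested just before its
    first request to login_path; clients with no earlier request are
    counted under ("(direct)", None)."""
    last = {}          # client IP -> (path, status) of its most recent request
    seen = set()       # clients whose first login hit was already counted
    result = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue   # skip lines that are not in the expected format
        ip, _method, url, status = m.groups()
        path = url.split("?", 1)[0]
        if path == login_path and ip not in seen:
            seen.add(ip)
            result[last.get(ip, ("(direct)", None))] += 1
        last[ip] = (path, int(status))
    return result

def redirecting_entry_points(log_text, login_path):
    """Paths answered with a 3xx right before the login hit: the likely leaks."""
    return sorted(p for (p, s) in entry_points(log_text, login_path)
                  if s is not None and 300 <= s < 400)

if __name__ == "__main__":
    for (path, status), n in entry_points(SAMPLE_LOG, "/enter-here").most_common():
        print(f"{n:3d} client(s) arrived via {path} (status {status})")
    print("redirecting paths:", redirecting_entry_points(SAMPLE_LOG, "/enter-here"))
```

Clients listed as "(direct)" already knew the path from somewhere else, for example a previous scan outside the log window.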

    OK, this will hopefully stop those nasty bots.
    bye bye!

    Thread Starter agitana

    (@agitana)

    hope so

    bye bye

  • The topic ‘Where do they get access to the login-form?’ is closed to new replies.