wp-login.php page still visible

  • MarkOlbert

    (@markolbert)


    2 years ago

    I’ve defined a different/unique URL for the login, and I’ve turned on “block access to wp-login.php”.

    However, I can still visit the default wp-login.php page for the site.

    Interestingly, while I can log in there, I cannot access wp-admin.php unless I log in a second time. The second login request sends me to the different/unique URL I defined for logging in.

    This behavior manifests from an incognito window from my desktop IP address (which is on the whitelist).

    What’s really odd is that the expected behavior — not showing the default wp-login.php page — occurs on several other sites that I run WP Cerber on. Just not this particular site I’m having trouble with.

    Could this be a caching problem? I run WP Super Cache on all my sites, including the one that’s not behaving properly.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • First, go to your main settings in Cerber and look for “Display 404 page” and set it to “Disply Simple 404 page.”

    The Astra Theme’s 404 page is not compagible with the redirect and you get a “There has been a critical error on this website.” when anyone tries to access /wp-admin/.

    I can also accesss /wp-login.php although I can’t access /wp-admin.

    I usually run enable “Immediately block IP after any request to wp-login.php” option and that prevents it from being accessed. I would think that wp-login.php should be blocked from direct access without this option enabled.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘wp-login.php page still visible’ is closed to new replies.