ianro

sorry – I have found it – it had moved to the top tool bar

Hi Remy

Thanks again for taking the time to reply.

Yes, I now appreciate it is not directly a plugin issue.

I will discuss with my service provider. Just for information, the instructions were to stop repeated brute force attacks that were using up above their “fair usage” policy. Wrongly, I had assumed that this was one of the prime purposes of the plugin.

Thanks for your assistance on this

Hi Remy

Thank you for taking the time to respond

I must confess that I assumed that the instructions given to me were the standard plugin instructions. (since your post I can see that the extra ht access step has been added by the post author). This included a step after running WPS Hide Login/ The instuctions were as follows:

“There’s one extra step to take, because now every visit to the old /wp-login.php file will cause WordPress to generate a 404 page not found page. Add the following code to the top of your .htaccess file in the directory that contains your WordPress installation. This can be done via FTP, or you can do so via the File Manager in cPanel – just be sure to check the ‘Show Hidden Files’ option so you can see the .htaccess file.

‘<FilesMatch “wp-login.php”>
Deny from All
ErrorDocument 403 “Forbidden”
</FilesMatch>’

The above code will block all requests to the wp-login.php file, as no legitimate requests should be made to that file now that the WordPress address has been changed. This will protect your account by both preventing login attacks against your WordPress installation(s), and reducing the volume of PHP executions being processed.