Custom login page : brute force protection working ?

  • Resolved DeepBlue

    (@deepblue5)


    11 months, 2 weeks ago

    Hi

    With a builder plugin, we have created a custom login page url using a block “login form” (and added recaptcha on it)

    2 questions :

    1. i have read Wordfence only supports Recaptcha and 2FA for default wordpress login url (wp-login.php) is that still the case ?
    2. If i use a custom login url, does Wordfence brute force protection will protect this custom url login form ?

    thank you

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @deepblue5, thanks for your questions.

    We are looking to expand our 3rd party compatibility for 2FA/reCAPTCHA, but it’s difficult to make allowances for all custom forms (or plugins with less installations) as they can handle the login in different ways, or expect different data. You may be able to find a plugin or add-on for specific form builders that will allow you to keep reCAPTCHA/2FA functionality whilst removing it from our Login Security requirements.

    Whilst we generally recommend against hiding your login URL as we believe it just slows down an attacker rather than stop them entirely, some users are able to use an altered login URL and swear by it. However, we have seen some cases in the past where this is a problem, such as the “Hide My WP” plugin that breaks our scans.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Custom login page : brute force protection working ?’ is closed to new replies.