Redirect from wp-login.php

Any URLs that are properly generated to the login page, by using either wp_login_url() or site_url( 'wp-login.php' ) should be rewritten to TML’s Log In page.

Jeff, thank you for taking the time to reply to my feature request. I know you must be busy with this recent major release of Theme My Login and I certainly appreciate your time and efforts.

I don’t recall how I discovered this (maybe it was from a plugin or maybe I just typed it directly into the address bar), but accessing “website.com/wp-login.php” directly does appear to go to the default WordPress login page. My original post also mentioned “website.com/wp-admin” – and that one does appear to redirect properly, so I should not have put that in my feature request.

One possible workaround that I’ve found is to use the following code in the htaccess file:
Redirect 301 /wp-login.php /login
But I’m not sure if this is really a good idea or the best method? And if it is a good workaround, perhaps that could be built in as a feature? Maybe as a checkbox that says something along the lines of “Disable wp-login.php”?

Hi Travis,

The Security extension actually contains this option. But, instead of a 301, it gives a 404, thus pretending that wp-login.php doesn’t even exist.

Well, ha! It was there the whole time and I just didn’t see it. Almost hiding in plain sight. Thank you again. God bless!