Hidden login path being shown to users

  • Resolved isdoo

    (@isdoo)


    1 year, 3 months ago

    I have my login set to say mylogin

    That works fine.

    However I have noticed that when using say Paid Membership Pro the logout link becomes

    /mylogin/?action=logout etc.

    Therefore disclosing my hidden admin login to anyone logging out (shown in the URL)

    The same appears to be default in the WordPress bar, therefore I do not think it is a problem with the membership software.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support MaximeWPS

    (@seinomedia)

    Hello,

    Thanks for using WPS Hide Login.

    That’s the way the plugin works. It replaces “wp-login.php” slug by your secret slug. It includes the actions like “logout” or “forgot password”.

    With Paid Membership Pro, the login page is public. Then, WPS Hide Login is useless.

    When you’re logged in, you’re supposed to know th secret slug set in WPS Hide Login. So, it’s not an issue.

    Thread Starter isdoo

    (@isdoo)

    PMP uses a different login page.

    But no problem. Have a great day!

    Plugin Support MaximeWPS

    (@seinomedia)

    Yes but it uses the WordPress login system and the same actions.

    Then, in some circumstances, PMP can redirect to ‘mylogin?action=logout’ if the login page set in PMP setting is different from “mylogin”.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Hidden login path being shown to users’ is closed to new replies.