Hide 404 error after WP Recaptcha

Viewing 9 replies - 1 through 9 (of 9 total)

  • @rdekruijf

    WordPress does not include a reCaptcha feature.
    So this is probably a plugin conflict with a plugin that offers reCaptcha functionality.

    So which reCaptcha plugin exactly are you using ?

    dwinden

    Thread Starter rdekruijf

    (@rdekruijf)

    Hellu Dwinden,

    Thanks for your reply. Not sure if it’s called ReCaptcha in WordPress, but occasionaly it gives an extra security code before you’re able to reach the login screen. After entering this I’ll get a 404 error.

    But it gives a 404 error too when I enter the login url for the first time. It then goes to an URL that reads /wp-login.php.

    Maybe it’s handy to send you some screenshots?

    Kind regards,

    Roy

    @rdekruijf

    Screenshots are always welcome.

    At what hosting provider is the site hosted? Wondering whether this is a WordPress specialized hosting company. I’m Dutch so I will be able to find out.
    Did you install/configure the WordPress env yourself or did the hosting provider do it for you ?

    Also provide a list of plugins installed. I may be able to determin which plugin includes the reCaptcha functionality.

    Anyway if the reCaptcha functionality tries to redirect to the wp-login.php script while the iTSec plugin Hide Backend feature is enabled then a 404 is the expected result.
    Enabling the iTSec plugin Hide Backend feature also blocks direct access to the wp-login.php script …
    (What’s the point of hiding the wp-admin slug when the wp-login.php script can still be accessed directly ?)

    If you provide the site URL I can even have a look at this myself.

    dwinden

    Thread Starter rdekruijf

    (@rdekruijf)

    Good morning Dwinden,

    We’re hosting all of our websites at https://www.your-webhost.nl. WordPress is installed with the help of their installer (Softcalicious).

    List op plugins:

    Admin Menu Editor Pro
    Envato WordPress Toolkit
    Facebook Page Plugin
    Formidable
    iThemes Security
    LayerSlider WP
    Redirection
    WP Fastest Cache
    WPBakery Visual Composer
    Yoast SEO

    The URL is https://www.dekamil.nl/toegang

    You can also contact me via [email protected]

    Thanks!

    Roy

    Goodafternoon rdekruijf ??

    Ok, I now fully understand what is happening.

    On second thought I don’t think the captcha is an active plugin in the WordPress env.

    It looks like this is either part of the Softaculous install or an extra feature for WordPress sites which is included in the hosting providers package/service (which basically boils down to same thing).

    You can probably find out exactly what it is by clicking on the link underneath the captcha form:

    Informatie over deze beveiliging

    Perhaps logging into the account management system also allows you to disable/enable or tweak the captcha feature.

    In any case entering the captcha correctly once initially returns a 404. But a subsequent second attempt to access the same secret login url will provide immediate access to the WordPress Dashboard login screen (the captcha form is skipped).

    So I’m pretty sure the action behind the captcha form tries to redirect to the wp-login.php script. Since the iTSec plugin Hide Backend feature also blocks (actually responds with a 404 to) wp-login.php requests a 404 is returned upon a correct captcha submit.

    Basically the captcha form is unaware of the iTSec plugin Hide Backend feature responding to wp-login.php requests with a 404.
    If you could somehow tweak the captcha form to redirect to the secret login slug as set by the iTSec plugin Hide Backend feature the problem would be solved.

    Another option would be to disable the captcha form.

    dwinden

    Thread Starter rdekruijf

    (@rdekruijf)

    Good morning Dwinden,

    I understand what your saying. Yet when I try to access the customized URL link, even without the ReCaptcha, it gives a 404 error.

    You could try it for yourself via https://www.dekamil.nl/toegang

    Kind regards,

    Roy

    Good morning rdekruijf,

    I already tried yesterday, and I just tried it again and it works fine.

    It seems that there is a cookie (myauthcookie) stored in the browser when the correct captcha is submitted. As long as that cookie does not expire the secret url will give immediate access to the admin login screen.

    When I manually delete the cookie from my browser, accessing the secret url takes me to the captcha screen again.

    I’m testing from the Mozilla Firefox 45.0.1 browser.
    Please make sure your browser is able to create/save cookies.

    dwinden

    Thread Starter rdekruijf

    (@rdekruijf)

    Good afternoon Dwinden,

    My browser is able to store cookies, yet I still can’t acces the admin screen in one go.

    I’ve got screenshots if they’re any help?

    Kind regards,

    Roy

    Good evening rdekruijf,

    Screenshots are always welcome.

    Have you tried from a different device ?
    What client env are you on (OS, browser) ?
    Interesting case …

    dwinden

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Hide 404 error after WP Recaptcha’ is closed to new replies.

Tags