Hide beckend – ?itsec-hb-token

  • Hello,

    I recently saw my website got this when i try to log in on my
    costum url : wp-login.php?itsec-hb-token=

    Can someone help me please and tell me what this itsec-hb-token is
    and how to remove ?

    Before it show only my costum url without this.

    Best,

Viewing 4 replies - 1 through 4 (of 4 total)

  • According to the 6.3.0 Changelog:

    Important: The way that Hide Backend functions changes in this release. Previously, if your Hide Backend Login Slug was wplogin, going to example.com/wplogin would result in the URL remaining example.com/wplogin. The new implementation of this feature results in a redirect to a URL that looks as follows: example.com/wp-login.php?itsec-hb-token=wplogin. While this may not be desireable for some users, this change was necessary to fix longstanding compatibility issues with other plugins. Once you access the login page using the Login Slug page, a cookie is set with an expiration time of one hour. As long as the cookie remains, you can access example.com/wp-login.php without having to access the Hide Backend Login Slug first. If you wish to confirm that Hide Backend is working properly on your site, opening up a private browsing window is a quick way to test without having to log out and clear cookies.

    Thread Starter ememz

    (@ememz)

    Thank you for the replay nlpro.

    So it means this changes is from their side ?
    I thought i changed something.

    Best,

    So it means this changes is from their side ?

    Yes, the entire code of the Hide Backend feature was rewritten in the 6.3.0 release.

    /wp-login.php?itsec-hb-token=wplogin&itsec_interstitial_expired=2fa-on-board

    No way to log in. Press “Skip” on Setup Two-Factor – reload same window ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Hide beckend – ?itsec-hb-token’ is closed to new replies.