how some one find or try to login if we rename admin url?

Viewing 6 replies - 16 through 21 (of 21 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, the plugin developers will investigate further your issue.

    Regards

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Hi @rawirai-1,
    Please do the following test.
    Using a browser go to the following URL:
    <yoursite-url>/xmlrpc.php

    What do you see when you visit that URL?

    Thread Starter rawi.rai

    (@rawirai-1)

    XML-RPC server accepts POST requests only.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Ok this explains what is likely happening.
    So in answer to your question – no they have not found your hidden login page and are most likely targeting your xmlrpc file instead.

    You can stop this by enabling the pingback protection feature in the firewall settings. (note: this will affect plugins which use xmlrpc)

    Thread Starter rawi.rai

    (@rawirai-1)

    Now it’s been 24 hrs no attack after removing Your plugin.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Now it’s been 24 hrs no attack after removing Your plugin

    I think you might find that if you haven’t disabled access to the xmlrpc file as suggested in my previous response, that those “attacks” are probably still occurring except you are not being informed of it since you don’t AIOWPS installed anymore.

    • This reply was modified 8 years, 2 months ago by wpsolutions.
Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘how some one find or try to login if we rename admin url?’ is closed to new replies.