ModSecurity Failed Login Rule Triggered Just Loading Login Page

  • I was testing a plug-in for customizing the login page. I had to reload the page a few times to see the changes. I then started getting 401 errors. I checked my server logs and see that just by loading wp-login.php, it is seen by the server as a failed login attempt. So apparently just loading the login page is equivalent to submitting the login with no credentials. Not very slick.

    Anyone run into this and figured a way around it aside from disabling the modsecurity rule?

    I suppose it’s no big deal to temporarily disable the rule while testing. I can’t see a realistic scenario of a legit user reloading the login page 3 times in row without trying to login.

Viewing 1 replies (of 1 total)

  • hey consultant1027,

    You may want to check with the author of the plugin and see if they can provide support for you. If the plugin is hosted on www.remarpro.com there should be a support form for that plugin.

    Hope this helps!
    –AJ

Viewing 1 replies (of 1 total)
  • The topic ‘ModSecurity Failed Login Rule Triggered Just Loading Login Page’ is closed to new replies.