Password protected pages reveal backend login url

  • Hi all,

    I wanted to password protect a couple of pages and give the password to clients when needed.

    By chance, I did notice that the backend site URL was visible in the HTML (Ctrl + shift thingy on Chrome) and I have hidden my login url using a security plugin, however this revealed quite easily.

    I am not sure if I am into something relevant here, but as i did try hard to secure my site and by hiding the backend url was so easy to spot, using the password protect by wordpress.

    Is there something that can be done to password protect your pages but not reveling your backend login url?

    I am not as savvy as I wish i could be, but I hope i make sense on my question above.

    thank you for your help guys. Long live wordpress..

Viewing 1 replies (of 1 total)
  • Moderator Marius L. J.

    (@clorith)

    Hi,

    WordPress doesn’t include any links to your admin area on password protected pages by it self, but plugins may include them to do AJAX requests (perform actions without reloading the page).

    It’s really not much of a security increase in hiding your admin area overall, and many plugins will reveal it (or even rely on it being a fixed, known, address), so I wouldn’t worry too much about this.

Viewing 1 replies (of 1 total)
  • The topic ‘Password protected pages reveal backend login url’ is closed to new replies.