Private slug shown in source page

  • Resolved gilles66

    (@gilles66)


    9 months, 2 weeks ago

    Hi,

    thank you for this plugin.

    I notice that the wp_logout_url() WordPress function generates a link where the secret slug is present.

    Something like https://my-website.com/admin-secret-slug-123/?action=logout&redirect_to=https://my-website.com

    Isn’t it a security issue ? I don’t like the private slug to be public.

    So I wrote a quick fix for this, but would like an answer from you.

    function lc_logout_url( $logout_url ) {
    if ( $whl_page_login = get_site_option( ‘whl_page’, ‘login’ ) ) {
    $logout_url = str_replace( $whl_page_login . ‘/’, ”, $logout_url );
    }
    return $logout_url;
    }
    add_filter( ‘logout_url’, ‘lc_logout_url’, 30, 1 );

    function lc_init_logout_url() {
    if ( isset( $_GET[‘action’] ) && ‘logout’ == $_GET[‘action’] ) {
    wp_logout();
    }
    }
    add_action( ‘init’, ‘lc_init_logout_url’ );

    I thank you in advance.

Viewing 1 replies (of 1 total)
  • Plugin Support MaximeWPS

    (@seinomedia)

    Hello,

    Thanks for using WPS Hide Login.

    If you log out, it means you logged in. Then, to log in, you know the login URL. It’s not an issue ??

Viewing 1 replies (of 1 total)
  • The topic ‘Private slug shown in source page’ is closed to new replies.