Strange WordPress Security page and .htaccess code

  • I came across a strange security redirect page and some weird .htaccess code. Perhaps somebody can tell me what is going on here.

    When I tried to login on my WordPress site, it redirected me to:

    https://website.com/wp-login.php?redirect_to=http%3A%2F%2Fwebsite.com%2Fwp-admin%2F&reauth=1

    Which displayed a page with the following text:

    WordPress Security

    Click here to continue to your WordPress login.

    The source code of the page is:

    <html>
<head>
    <meta charset=utf-8>
    <title>WordPress security</title>
<STYLE TYPE="text/css">
<!--
BODY
   {
   color:black;
   font-family:arial;
   }
-->
</STYLE>
<body>

<center><h2>WordPress Security</h2></center>

<h1><center><a href=wp-login.php rel="nofollow">Click here to continue to your WordPress login</a></center></h1>

</body>
</html>

    Clicking the link will just redirect you to the regular wp-login.php page.

    Trying to figure out where this strange WordPress Security redirect came from, I found the following code in the .htaccess file:

    # START WordPress DDOS cookie
RewriteEngine On
RewriteCond %{HTTP_COOKIE} !10958 [NC]
RewriteRule ^wp-login.php$ setcookiewpprotect.php [L]
#END WordPress DDOS cookie

    Trying to google these lines I came up with zero results.

    Does anybody have any idea what this security page is and what the WordPress DDOS cookie is all about?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Guiris

    (@guiris)

    I’m under the impression that this might be coming from my webhost, who is apparently dealing with DDOS attacks. I am currently trying to get this confirmed.

    This has nothing to do with WordPress other than the redirected admin url – which is perfectly normal & standard. The message is being displayed by a non-WordPress script installed by some hosts, so ask your hosts about it.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Strange WordPress Security page and .htaccess code’ is closed to new replies.