Update 6.4.0 Hide backed login issue

  • Hello,

    I have update 6.4.0

    you know, with the last update the hide beckend was changed.
    example.com/SLUG redirecting to example.com/wp-login.php?itsec-hb-token=SLUG
    and
    when we type the example.com/wp-login.php via a new browser or pc or no cookies devices etc. whatever else… the site going right there: “example.com/wp-login.php”
    dont redirecting to Redirection Slug.
    I have access “private/incognito browse” for same issue was created.

    Please help me!

Viewing 7 replies - 1 through 7 (of 7 total)

  • Hi,

    Are you able to email me at gerroald @ ithemes . com so I can see this in action?

    Thanks,

    Gerroald

    Just want to confirm that I have encountered this also on a fresh install. Permissions weren’t the issue either.

    Hi,

    @zakalwe – Are you having the exact same issue as @bhalodiya?

    The way that Hide Backend functions changes in this release. Previously, if your Hide Backend Login Slug was wplogin, going to example.com/wplogin would result in the URL remaining example.com/wplogin. The new implementation of this feature results in a redirect to a URL that looks as follows: example.com/wp-login.php?itsec-hb-token=wplogin. While this may not be desirable for some users, this change was necessary to fix longstanding compatibility issues with other plugins. Once you access the login page using the Login Slug page, a cookie is set with an expiration time of one hour. As long as the cookie remains, you can access example.com/wp-login.php without having to access the Hide Backend Login Slug first. If you wish to confirm that Hide Backend is working properly on your site, opening up a private browsing window is a quick way to test without having to log out and clear cookies.

    Thanks,

    Gerroald

    Thanks Gerroald,

    This works exactly as you have said. Was just worried as I tested the changed login slug first and then double-checked wp-login.php to check it was working.

    Panic averted.

    Much appreciated,

    Zak

    This solution does not work. If I try to enter my backend through /slug it displays The request is not acceptable. The same problem is by using /wp-login.php Please give information how to enter backend or completelly disable plugin.

    Why call this feature ‘Hide Backend’ when it clearly no longer does. The example url example.com/wp-login.php?itsec-hb-token=wplogin is correct as this is new new way the feature works but it does not hide the backend. By typing ‘wp-admin’ you are taken to the login in screen and the url displays example.com/wp-login.php?itsec-hb-token=wplogin6&redirect_to=http%3A%2F%2Fwww.example.com%2Fwp-admin%2F&reauth=1 so, as you can see the backend is not hidden.

    I think ithemes should either fix this issue or remove this feature as it is very misleading and no longer does what they say i does.

    Hey.. you are right… this problem apperared in releases up v6.2.1 (so far so good)

    v6.4.0
    1- https://www.sitename.domain/personalyzed-slug (Does not work anymore Freaky Browser Error)
    2- https://www.sitename.domain/wp-admin (Access granted)
    3- Accessing via 2 when try to logoff redirects me to “www.sitename.domain/personalyzed-slug?logoff=true” (Error 404 /personalyzed-slug)

    And I Cant Do a Fresh Install… Dead man… Institutional Website..!!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Update 6.4.0 Hide backed login issue’ is closed to new replies.