What’s the point of only REDIRECTING wp-admin url to custom login url?

Hi,
Actually it should return a 404 error page. Can you make sure you clear your browser cache? Also do the same for your Cache plugin in case use such thing on your website.

Thanks

Sure i did it three times to be sure with “clear all cache” chrome extension without any server caching or wordpress caching plugin. I ran the website in anonymous mode in chrome with same result.

Can you check if the following options are set to Yes:

Block default wp-login.php
Block default Admin Url

If still not working, can you send the .htaccess file content?

Thanks

Yea checked both… Ill install it on mirror…

All plugins are disabled, only WP hide is enabled…
All settings in your plugin are ON, paths are rewriten, styles, ids, wp classes removed by the options. The WP installation is recognized as WP anyway by Wappalyzer and the rest of WP detecting services over the internet.
The login address wp-login.php is still accessible.
wp-admin just redirecting to my custom wo-login.php which is loading.php now

I am WP/WOO developer, not BFU. There is something wrong in your code, but i dont have a time for debugging

IDK whats wrong, maybe some condition, maybe some rew rules ??

And the .htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /somedir/v1/
RewriteRule ^index\.php$ - [L] 

#START - WP Hide & Security Enhancer
#WriteCheckString:1482274952_24274
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
</IfModule>

RewriteRule ^design/ragu-style.css /somedir/v1/wp-content/plugins/wp-hide-security-enhancer/router/file-process.php?action=style-clean&file_path=/somedir/v1/wp-content/themes/theme/style.css [L,QSA]

RewriteRule ^design/ragu-style.css /somedir/v1/wp-content/themes/theme/style.css [L,QSA]

RewriteRule ^design/(.+) /somedir/v1/wp-content/themes/theme/$1 [L,QSA]

RewriteRule ^modules/(.+) /somedir/v1/wp-content/plugins/$1 [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-content/plugins(.+) /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule ^wp-includes(.+) /somedir/v1/index.php [L]

RewriteRule ^resources/(.+) /somedir/v1/wp-includes/$1 [L,QSA]

RewriteRule ^data/(.+) /somedir/v1/wp-content/uploads/$1 [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-content/uploads(.+) /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !wp-activate.php [NC]
RewriteCond %{REQUEST_FILENAME} !wp-cron.php [NC]
RewriteCond %{REQUEST_FILENAME} !wp-signup.php [NC]
RewriteCond %{REQUEST_FILENAME} !wp-comments-post.php [NC]
RewriteCond %{REQUEST_FILENAME} !wp-login.php [NC]
RewriteRule ^wp-([a-z-])+.php /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-signup.php /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^xmlrpc.php /somedir/v1/index.php [L]

RewriteRule ^wp-json(.+) /somedir/v1/index.php?wph-throw-404 [L]

RewriteRule ^fuckt-that.php /somedir/v1/wp-comments-post.php [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-comments-post.php /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^license.txt /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^readme.html /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-activate.php /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-cron.php /somedir/v1/index.php [L]

RewriteRule ^storage/(.+) /somedir/v1/wp-content/$1 [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule ^wp-content(.+) /somedir/v1/index.php [L]

                            <FilesMatch "">
                                <IfModule mod_headers.c>
                                    Header unset X-Powered-By
                                </IfModule>
                            </FilesMatch>

                            <FilesMatch "">
                                <IfModule mod_headers.c>
                                    Header unset X-Pingback
                                </IfModule>
                            </FilesMatch>

RewriteRule ^loading.php(.*) /somedir/v1/wp-login.php$1 [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-login.php /somedir/v1/index.php [L]

RewriteCond %{REQUEST_URI} adm$
RewriteRule ^(.*)$ adm/ [R=301,L]
RewriteRule ^adm/(.*) /somedir/v1/wp-admin/$1 [L,QSA]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^wp-admin(.+) /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^dashboard(.+) /somedir/v1/index.php [L]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^admin(.+) /somedir/v1/index.php [L]

#END - WP Hide & Security Enhancer

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /somedir/v1/index.php [L]
</IfModule>

# END WordPress

The rewrite rules looks fine with me, there must be something related to your server environment. Please provide an actual URL so we can check it further.

Remember that Wappalyzer addon can return wrong information which is a result of browser cache. So i suggest whenever you try it again, you should clear the browser history (cookies, login data etc), restart the browser and try again. You can check with our sample at https://nsp-code.com/testing/wp-hide/ it does not return any WordPress traces or any plugins / theme. Even so there are active Contact Form 7, Formidable, Ninja Forms, W3 Total Cache etc

I tried it with all stuff deleted alson in anonymous chrome mode and 3 or 4 website wp checkers. Still the same result. Ill test it with default theme without plugins next year ?? Holydays are comin… Anyway good job. I saw your demo properly before ??