Solid WP PRO – Hide backend

  • DODO Internet

    (@studioviv)


    11 months, 2 weeks ago

    Hello,

    We use the security plugin Solid WP PRO. And with that plugin I can hide the backend with behind a custom URL. On this page users can register themself and that is working good. But after registration the user is redirected to https://domain.com/wp-login.php?checkemail=registered. But with the hide backend enabled I get the error message “This has been disabled.” Because with the hide backend enabled all wp-admin and wp-login pages are disabled for non-logged in users, except if those pages are visited through the custom URL.

    I have no idea how the plugin is build. But is it possible to change the code so it uses the default login/registration URL functions from WordPress? Like the function wp_login_url() and for example add the parameter “checkemail” with the add_query_arg() function. Because Solid WP also uses the wp_login_url() function and add the custom URL conditions to that function. For example:
    $checkemail_url = add_query_arg(‘checkemail’, ‘registered’, wp_login_url());

    Hopefully it can be build that way, so the plugin is compatible with Solid WP and maybe many other plugins.

    If you have any questions, let me know.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support hasanrang05

    (@hasanrang05)

    8 months, 4 weeks ago

    Sorry for late reply, i could not understand clearly what the issue are you facing with our plugin? could you please specific?

    Thread Starter DODO Internet

    (@studioviv)

    8 months, 4 weeks ago

    Hello,

    We have paid security plugin called Solid WP PRO (formerly known as Ithemes security PRO). In this plugin we can hide the login page (normally known as wp-login.php) to a different URL. For example https://domain.com/hidelogin. So the login page is harder to find for all kind of users who will harm the site. All pages under hte wp-login.php (the login, password reset and the sign in) will be renamed to this new URL.

    This plugin is not working with this security feature. And it has something to do with the way the email check link with the parameter “checkemail” is build. I think the URL is build something like this:
    <?php echo get_site_url() . “wp-login.php?checkemail=registered”; ?>
    (I’ve also seen this before with other plugins)

    As I stated, I don’t know for sure how this plugin is build. But if the link is build this way, this security feature will block the page and the users cannot verify themself. If the “checkemail” parameter can be added through a different way, for example with the combination with the wp_login_url() and the add_query_arg() PHP function. Than the link will work with the security feature and the users can verify themself. The code will then look something like this:
    <?php $checkemail_url = add_query_arg(‘checkemail’, ‘registered’, wp_login_url());
    echo $checkemail_url; ?>

    This security feature is also present at the free version of this security plugin. So you can test it yourself. You can find the free plugin here:
    https://wordpress.org/plugins/better-wp-security/

    This is tested and I can confirm this will work

    If you have any questions, let me know.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Solid WP PRO – Hide backend’ is closed to new replies.