Home Forums WordPress Plugins Hide My WP Custom Password reset URL

This topic is: resolved
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • August 2, 2019 at 6:45 am #27144
    dcipher
    Post count: 66

    Dear Suman,

    Is it possible to configure (hide) a custom password reset URL using HMWP?

    Similar plugins on the market include this ability so I would like to confirm if this is something that can be achieved with HMWP?

    Right now, even though we’ve hidden wp-login and wp-admin paths, once someone requests a password reset, the rest link discloses the wp-login URL which defeats the purpose of hiding it.

    Many thanks in advance.

    August 4, 2019 at 1:01 pm #27164
    Suman M.
    Post count: 12478

    Hi, yes you can rename it. For that you’ll need to enter new name for wp-login.php in “Change Login URL” option under Permalinks & URLs tab.

    August 5, 2019 at 5:51 am #27183
    dcipher
    Post count: 66

    Hi Suman,

    Thanks for your reply however that’s not exactly the issue. I’m aware that we can change the wp-login.php name however the issue is that when someone clicks to reset their password, the new wp-login name is exposed!

    Upon further research it appears that HMWP can’t achieve this so I’ve found an alternative plugin which enables the admin to create a new password reset page and redirect password reset requests, completely hiding any reference to the wp-login page.

    I’m open to any further suggestions here otherwise we can close off the case.

    August 6, 2019 at 4:45 am #27198
    Suman M.
    Post count: 12478

    Okay, so you mean not to show the login url at all in the password reset link, right? Currently, this is not possible via HMWP as HMWP doesn’t change any default behaviour of the wordpress. It just renames the default WP paths.
    May be you can let us know the plugin that enables the admin to create a new password reset page. We might consider that feature in the upcoming versions. Thanks!

    August 7, 2019 at 12:50 am #27213
    dcipher
    Post count: 66

    Hi Suman,

    This plugin here: Frontend Reset Password (albeit, not a security plugin) allows for admins to create a seperate password reset page which is then used in password reset links, protecting your wp-login name and location.

    From research, I do also believe that there is another plugin similar to HMWP which also has a similar feature but I haven’t tried and can’t validate it.

    I hope this helps and thanks again for your excellent support.

    August 7, 2019 at 4:33 am #27215
    Suman M.
    Post count: 12478

    Thanks for your valuable info. We’ll see if this can be implemented in our plugin.

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.