dcipher

[dcipher]

This reply has been marked as private.

[dcipher]

This reply has been marked as private.

[dcipher]

Just to add, using /wp-login.php?<login query and key> provides access to the backend login page however, using the custom URL with the login query and key does NOT work (e.g. /abc123?<login query and key>)

Something definitely odd happening.

[dcipher]

Hi Suman,

Any updates on this?

[dcipher]

Hi Suman, one more thing, looking at the new dashboard I can see a few issues – one of which says that the plugin cannot write to the htaccess file.

I can validate that this is incorrect because when I make changes in the plugin rewrite rules, I can see them being added to the htaccess file by the plugin.

Why is this error being displayed (see screenshot)?

Attachments:

You must be logged in to view attached files.

[dcipher]

Same issue, we had to manually upgrade the plugin by uploading v6, disabling 5.6, and having to manually move the config across.

Config restore work however there appears to be some issues that appear when doing it this way, manually configuration worked fine.

The plugin should play nicely with Envato marketplace plugin, that’s the whole point of the Envato plugin, to simplify the update process for assets purchased via Envato.

Hope Suman fixes this soon.

[dcipher]

Hi Suman,

Thanks for the reply. Not quite the response I was expecting. Staging/pre-prod environments are typically a mirror of your prod environment and the idea is to replicate and test as much of the configuration as possible. Considering that HMWP plays an integral part in our deployment, it’s important that we thoroughly test new code cuts with an active HMWP configuration.

Having to buy an additional license for out pre-prod env is a little frustrating but if that’s the way Envato licensing works then so be it.

It would be great to have some kind of a dev mode option/version for this purpose.

Many thanks.

[dcipher]

This reply has been marked as private.

[dcipher]

This reply has been marked as private.

[dcipher]

This reply has been marked as private.

[dcipher]

Hi Suman,

This plugin here: Frontend Reset Password (albeit, not a security plugin) allows for admins to create a seperate password reset page which is then used in password reset links, protecting your wp-login name and location.

From research, I do also believe that there is another plugin similar to HMWP which also has a similar feature but I haven’t tried and can’t validate it.

I hope this helps and thanks again for your excellent support.

[dcipher]

Hi Suman,

Thanks for your reply.

My replace was initially site-wide which is why I think it broke certain elements of the site, being specific on stylesheet IDs seems to work ok.

Thanks again for your help!

[dcipher]

Hi Suman,

You were close 🙂

The filename was actually …wordpress/wp-content.css

HMWP was configured to replace the wp-content directory to “inc” which must have also been overwriting the CSS filename.

I’ve applied the change and it’s no longer erroring.

Thanks for your help mate, brilliant work.

[dcipher]

Ok thanks Suman, that really helps.

Appreciate the reply.

[dcipher]

Hi Suman,

Thanks for your reply however that’s not exactly the issue. I’m aware that we can change the wp-login.php name however the issue is that when someone clicks to reset their password, the new wp-login name is exposed!

Upon further research it appears that HMWP can’t achieve this so I’ve found an alternative plugin which enables the admin to create a new password reset page and redirect password reset requests, completely hiding any reference to the wp-login page.

I’m open to any further suggestions here otherwise we can close off the case.

[Author]

Posts