WP Login Workaround
I seriously need some ideas.
In order to curb hacking attempts, my host has recently blocked at the server/firewall all wp-login.php login attempts. They have blocked that and added a new file, let's say, supersecret-login.php that they give to site owners.
So now if I need to work on my website, I login at http://mydomain.com/supersecret-login.php which is okay because I know this.
Recently I realized though that people that don't know that URL will not be able to log in. Of course that is part of the reason for the security workaround I understand.
So they suggest changing the wp-login.php URL to the new URL in the WP files. And not only that but many plugins also refer to wp-login and would need to be changed.
Going through everything once and making the change may be bearable but this would break all functionality every time there was a WP or plugin update because the update would overwrite the changed file and revert it back to the original wp-login URL.
Until the URLs are changed the site will go dead with every update which could even be several times a day.
Any ideas at all about how to handle this?
Mark
In order to curb hacking attempts, my host has recently blocked at the server/firewall all wp-login.php login attempts. They have blocked that and added a new file, let's say, supersecret-login.php that they give to site owners.
So now if I need to work on my website, I login at http://mydomain.com/supersecret-login.php which is okay because I know this.
Recently I realized though that people that don't know that URL will not be able to log in. Of course that is part of the reason for the security workaround I understand.
So they suggest changing the wp-login.php URL to the new URL in the WP files. And not only that but many plugins also refer to wp-login and would need to be changed.
Going through everything once and making the change may be bearable but this would break all functionality every time there was a WP or plugin update because the update would overwrite the changed file and revert it back to the original wp-login URL.
Until the URLs are changed the site will go dead with every update which could even be several times a day.
Any ideas at all about how to handle this?
Mark