[wp-trac] [WordPress Trac] #24673: provide mainline supported rename of wp-login

WordPress Trac noreply at wordpress.org
Sat Sep 14 11:50:50 UTC 2013

#24673: provide mainline supported rename of wp-login
 Reporter:  jorhett       |       Owner:
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:
Component:  Security      |     Version:  3.5.2
 Severity:  critical      |  Resolution:  wontfix
 Keywords:                |

Comment (by avryl):

 I agree with nacin, I should be up to the admin to decide how they want to
 secure their login page.

 That said, I released a [http://wordpress.org/plugins/rename-wp-login/
 plugin] a few weeks ago that ‘changes’ `wp-login.php` to something else. I
 doesn’t break anything, all the forms work properly, the login widget and
 all login links work, and expired sessions work too. `wp-login.php` will
 return a 404 status, and so will `wp-admin` if you’re not logged in
 (there’s no redirect).

 You could use it just to have a nicer login url, or to hide it, as if you
 had a second password. The only thing the plugin doesn’t do is hide login
 links on your website (if there are any), that’s up to the admin to

 Suggestions are always welcome!

Ticket URL: <http://core.trac.wordpress.org/ticket/24673#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list