[wp-trac] [WordPress Trac] #58410: global disable login and password reset / recovery
WordPress Trac
noreply at wordpress.org
Fri May 26 02:02:20 UTC 2023
#58410: global disable login and password reset / recovery
------------------------------------+-----------------------------
Reporter: cederom | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: 6.2.2
Severity: major | Keywords:
Focuses: |
------------------------------------+-----------------------------
Hello world :-)
Would it be possible to completely disable User Login and Password Reset /
Recovery functionality from the Options screen? I just want site to return
403/404 with no further processing.
I have really lots of automated bruteforce attacks that try to leverage
login and/or use password recovery forms.
I have other ways to manage such page (i.e. ssh wp), so in that case
disabling login and password reset seems most sensible and efficient
solution.
At this point these functions can be be disabled using .htaccess and
manual php modification that impacts platform consistency.
Please consider adding option to disable Login and Password Reset forms.
Thanks :-)
Tomek
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58410>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list