I have used your plugin to hide the login page and it certainly has done that. Using /wp-admin or /wp-login will return a /404 which is fine and yet someone using the IP address 5.188.84.186 is still able to find my login page and attempt to get in.
The IP Address above is shown on Google to be a Russian address whose abuse level is 100%. The secret login page I am using is the conjunction of a number of words known only to me and not found in any dictionary.
Have you any idea how the hacker, who is clearly a professional at this, has been able to find a back door to your plugin?
The IP Address above is shown on Google to be a Russian address whose abuse level is 100%. The secret login page I am using is the conjunction of a number of words known only to me and not found in any dictionary.
Have you any idea how the hacker, who is clearly a professional at this, has been able to find a back door to your plugin?