admin管理员组文章数量:1289497
I've successfully made wp-admin not accessible (redirected to 404 page) here is the codes in my function file:
add_filter('site_url', 'wpadmin_filter', 10, 3);
function wpadmin_filter( $url, $path, $orig_scheme ) {
$old = array( "/(wp-admin)/");
$admin_dir = WP_ADMIN_DIR;
$new = array($admin_dir);
return preg_replace( $old, $new, $url, 1);
}
function redirect_wp_admin(){
$redirect_to = $_SERVER['REQUEST_URI'];
if(count($_REQUEST)> 0 && array_key_exists('redirect_to', $_REQUEST)){
$redirect_to = $_REQUEST['redirect_to'];
$check_wp_admin = stristr($redirect_to, 'wp-admin');
if($check_wp_admin){
wp_safe_redirect( '404.php' );
}
}
}
and the htaccess:
RewriteRule ^controlpanel/(.*) wp-admin/$1?%{QUERY_STRING} [L]
Now the confusing part is I have no idea how to do the same thing for wp-login.php. the changing from "wp-login.php" to "access" works but when wp-login.php typed, it is still accessible
here's the code in the function file:
add_filter('site_url', 'wplogin_filter', 10, 3);
function wplogin_filter( $url, $path, $orig_scheme )
{
$old = array( "/(wp-login\.php)/");
$new = array( "access");
return preg_replace( $old, $new, $url, 1);
}
htaccess file:
RewriteRule ^access$ wp-login.php
So, my question is what to do to make wp-login.php not accessible (either redirected to 404 page or anything)?
Any answers are very appreciated :)
Thank you very much in advance
I've successfully made wp-admin not accessible (redirected to 404 page) here is the codes in my function file:
add_filter('site_url', 'wpadmin_filter', 10, 3);
function wpadmin_filter( $url, $path, $orig_scheme ) {
$old = array( "/(wp-admin)/");
$admin_dir = WP_ADMIN_DIR;
$new = array($admin_dir);
return preg_replace( $old, $new, $url, 1);
}
function redirect_wp_admin(){
$redirect_to = $_SERVER['REQUEST_URI'];
if(count($_REQUEST)> 0 && array_key_exists('redirect_to', $_REQUEST)){
$redirect_to = $_REQUEST['redirect_to'];
$check_wp_admin = stristr($redirect_to, 'wp-admin');
if($check_wp_admin){
wp_safe_redirect( '404.php' );
}
}
}
and the htaccess:
RewriteRule ^controlpanel/(.*) wp-admin/$1?%{QUERY_STRING} [L]
Now the confusing part is I have no idea how to do the same thing for wp-login.php. the changing from "wp-login.php" to "access" works but when wp-login.php typed, it is still accessible
here's the code in the function file:
add_filter('site_url', 'wplogin_filter', 10, 3);
function wplogin_filter( $url, $path, $orig_scheme )
{
$old = array( "/(wp-login\.php)/");
$new = array( "access");
return preg_replace( $old, $new, $url, 1);
}
htaccess file:
RewriteRule ^access$ wp-login.php
So, my question is what to do to make wp-login.php not accessible (either redirected to 404 page or anything)?
Any answers are very appreciated :)
Thank you very much in advance
Share Improve this question asked Sep 17, 2013 at 10:19 WannabeWannabe 112 bronze badges1 Answer
Reset to default 1Instead of filtering the site_url you should be filtering adim_url and login_url
add_filter('admin_url', 'new_admin_url');
function new_admin_url()
{
// Insert the new URL here:
return get_bloginfo('url').'/controlpanel/';
}
add_filter( 'login_url', 'new_login_url', 10, 2 );
function new_login_url( $login_url, $redirect ) {
return get_bloginfo('url').'/access/';
}
And combine with the Rewrite Rules and redirections in the .htaccess. For example, for the wp-login.php (I'm not a mod_rewrite expert, so it is really possibly the next code doesn't work or need some modifications):
// Internal Rewrite from access to wp-login
RewriteRule ^access(.*)$ wp-login.php$1 [NC,L]
// Real redirection from wp-login to access appending the query string
RewriteCond %{REQUEST_URI} ^wp-login.*
RewriteRule ^ access$ [R=301,NC,QSA,L]
本文标签: How to make wploginphp not accessible
版权声明:本文标题:How to make wp-login.php not accessible 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741479841a2381101.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论