Forum Discussion
Per_Hagstrom
Feb 25, 2019Nimbostratus
Simple WordPress login protection using referral
I'm trying to protect the default login page (/wp-login.php) on our WordPress site, using a "secret" (/secretlogin) page as a referral, and only then should you be able to login: (otherwise you get r...
Dave_McCauley_3
Feb 25, 2019Cirrostratus
Drop the static variable and see if that helps. Static variables are put into the tmm's global namespace, i.e. even other iRules would see this variable and generally shouldn't be used. If you use a standard variable, you'll have it be distinct for each new connection, which is what I think you want here.
https://devcentral.f5.com/wiki/iRules.static.ashx
-Dave
- Per_HagstromFeb 26, 2019Nimbostratus
Dave,
Great! Yes, that seems to have fixed the problem! Thank you very much! 🙂
/ Per
ps. in case someone else would like to use this iRule, here is the corrected code:
when CLIENT_ACCEPTED { set triggerWP 0 } when HTTP_REQUEST { if {[string tolower [HTTP::path]] contains "/wp-login.php" and $triggerWP == 0 } { HTTP::redirect "https://[HTTP::host]/restricted-access" } if {[string tolower [HTTP::path]] equals "/secretlogin"} { set triggerWP 1 HTTP::redirect https://[HTTP::host]/wp-login.php } }
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects