referer
1 TopicSimple WordPress login protection using referral
I'm trying to protect the default login page (/wp-login.php) on our WordPress site, using a "secret" (/secretlogin) page as a referral, and only then should you be able to login: (otherwise you get redirected to a restricted access page) when CLIENT_ACCEPTED { set static::triggerWP 0 } when HTTP_REQUEST { if {[string tolower [HTTP::path]] contains "/wp-login.php" and $static::triggerWP == 0 } { HTTP::redirect "https://[HTTP::host]/restricted-access" } if {[string tolower [HTTP::path]] equals "/secretlogin"} { set static::triggerWP 1 HTTP::redirect https://[HTTP::host]/wp-login.php } } And this seems to work pretty well in our test environment, but when I added this to our Prod environment, which has lots of traffic, it is very rare for this to work. I'm guessing the heavy traffic resets the triggerWP variable to 0, and that this variable isn't unique to each person who connects? Any idea how I could handle this better? Thanks!799Views0likes4Comments