We have added a new feature under Advanced Hardening. You can now change your default login URL to a custom login URL. This will mitigate bot attacks on default WordPress login URLs.
This features come with another, background process, that is also important to note: Email notifications.
The setting for email notifications can be found under General. If you ever forget the login URL, you can use a parameter as explained below to receive an email with your custom login URL. All emails pertaining feature updates and recovery are send directly from your server so it’s recommended to test notifications under ‘General’ and make sure you can receive emails from your server.
What if I can’t login?
You have enabled the feature and now you can’t login anymore? Let’s first fix the issue, and then ask support why this happened. To fix the issue;
- You will need to rename the Really Simple SSL Pro folder via FTP
- Login to FTP or your hosting’s file manager and go to /wp-content/plugins/ and fine /really-simple-ssl-pro/
- Rename to e.g. /no-really-simple-ssl-pro/
- The feature is now disabled and you can login again.
- Login and enable Really Simple SSL Pro under ‘Plugins’
- Go to Really Simple SSL – Settings – Advanced Hardening
- Disable the feature and Save.
- Go to FTP and rename /no-really-simple-ssl-pro/ to /really-simple-ssl-pro/
What if I forgot the custom login URL?
You can of course follow the above steps, but there’s a quicker way. You can receive an email with your login URL if you use below parameter in your URL. The email will only be sent to the email address entered under general settings.
The parameter is ?rssslgetlogin and can be used as shown in this example: https://domain.com?rssslgetlogin, if you load this in your browser an email will be triggered.