WordPress login page falls into HTTP 406 Not Acceptable error after a few clicks
|Reported by:||Ricardo2013||Owned by:|
Description (last modified by SergeyBiryukov)
At first I thought this was just my own site, but then I tested a dummy site within the same web hosting account and finally a random WordPress site on the web.
This problem is very easy to reproduce. Simply go to wp-login.php and instead of logging in, click on the register link or on the "Lost your password?" link and the quickly press the back button to return to the login page. Repeat going to the register or lost password pages and returning to the login page several times, until you get the
HTTP 406 Not Acceptable error
This cripples the login mechanism for a few minutes at least. Excellent for a denial of service attack using only one computer.
Change History (12)
comment:1 SergeyBiryukov — 5 months ago
- Description modified (diff)
- Summary changed from Wordpress login page falls into HTTP 406 Not Acceptable error after a few clicks to WordPress login page falls into HTTP 406 Not Acceptable error after a few clicks
comment:11 markoheijnen — 5 months ago
- Keywords reporter-feedback removed
- Milestone Awaiting Review deleted
- Resolution set to invalid
- Status changed from new to closed