home/wp-admin and home/wp-login.php should redirect when home != siteurl
|Reported by:||nacin||Owned by:||nacin|
The wp-admin and wp-login.php links are example.com/wordpress/wp-admin/ and wordpress/wp-login.php. But /wordpress/ can be anything, of course. This makes finding the proper place to log in hard.*
In the case of WordPress in a subdirectory, we should trap 404 requests for /wp-admin/ and /wp-login.php and redirect them to the proper URL.
- Note that this is not at all a security measure. There are ways to find where the files are located, including HTTP headers and body.
Props @matt for the idea.
Change History (22)
- Owner set to nacin
- Resolution set to fixed
- Status changed from new to closed
comment:13 follow-up: ↓ 14 @wet — 3 years ago
- Resolution fixed deleted
- Status changed from closed to reopened