I want to add extra security layer my wordpress wp-admin via zero trust application with One-time PIN. I do all setting add my wp-admin also wp-login.php etc but when I try to access wp-admin page its still open without One-time PIN page. I google it and do all but no its not work. How I can fix it?
Here my settings…
Hi,
Remove the * wildcard.
Access protects any path that starts with the pattern you entered.
I do its still open wp-admin page without one time pin page like zero trust not working… am I need to have paid subscription for use this? because my account have free plan…
You won’t be able to wall off /wp-admin, because there’s at least one resource in there (admin-ajax) that needs to be publicly accessible.
Protecting wp-login.php is your best approach, which is how I protect my logins:
@sdayman did you add Application domain 4 different record? because from screenshot i cant understand what u do… its wp-login.php 4 time?
That’s four WordPress sites (four domains). So I created four applications.
@sdayman aa its for 4 different website… its mean one website just need one .com/wp-login.php record… But I alredy do this and cloudflare one pin page never open before wp-admin login page my problem is this… also when I visit Test your policy setup page and write my mail here system also says Error testing your policy: access.api.error.invalid_user_id i dont know its about this or not…
As a result, one time page does not open before real wp-admin
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.
