I want to protect wp-login.php & wp-admin for everyone except me.
Since my ISP has given me a dynamic IP, using ip.src eq is out of the question.
I tried the http.request.uri.query field (for e.g. wp-login.php?id=string), and it is very much working by bypassing the security challenge but only for the duration as set in Challenge Passage.
Once the Challenge Passage period expires, I am forced to solve the challenge because the custom http.request.uri.query gets is not constant. In short, I pass the id=string with wp-login.php which is temporary.
Now what field can I use to bypass firewall rules for myself.