Are you sure that this password prompt is caused by the protected directory? Normally, the Name is also shown on the login prompt, but I don’t see it on yours.
In any case, there isn’t a lot that can be done on the hosting side about this. Protecting a directory protects that directory. Anything in the directory is protected, anything outside the directory is not.
If there are pages outside the desired area that trigger the password prompt, it means requests are made to the protected directory. But that can only be fixed through the website code, not the hosting.
If it’s giving you problems, you can always choose to disable the directory protection completely.
It’s additional security. It’s not strictly necessary, but it adds another layer.
The popup login form is showing on both the wp-login page (before seeing the WordPress Login form) and the checkout page (when entering email address and account username).
I set the settings via InfinityFree>accounts>Protected Directory. Please refer to the following screenshot; I hope to check with you if the settings are correct.
I’m unable to access the wp-login.php URL at all due to a redirect loop issue, with WordPress generating the redirect. Is your HTTPS detection correct?
I also see that the responses appear to be handled by the Endurance Cache plugin. Given that InfinityFree is not owned by the Endurance group, there is no reason to use the cache plugin of your previous hosting provider here.
The protected directory is working as intended. Requests to the directory require a login, and requests elsewhere do not. The checkout page makes requests to the password protected area without being logged in yet, so you get a password prompt.
The solution is to remove the /wp-admin/admin-ajax.php calls from the checkout page, or remove the password protected directory.
As for how to remove the AJAX call, I have no idea. I’m not that familiar with the finer details of WooCommerce. Maybe there is a setting to change this or remove the specific functionality being used, maybe there isn’t.
But disabling the password protection is easy: just remove it from the client area and it will be removed from your website.
But of course, that will make your admin area less secure (but still secure enough).
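Added example, not part of the thread and not code from InfinityFree, WordPress or WooCommerce: a static check that lists which references on a page resolve into the protected directory, and so would trigger the password prompt for visitors who are not logged in. The sample HTML, the `shop.example` host and all function and variable names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

PROTECTED_PREFIX = "/wp-admin/"  # the directory protected in the thread

# Constructed sample page (hypothetical), not taken from the site in the thread.
SAMPLE_CHECKOUT_HTML = """<html><head>
<link rel="stylesheet" href="/wp-content/themes/shop/style.css">
<script>var shop_params = {"ajax_url":"\\/wp-admin\\/admin-ajax.php","nonce":"abc"};</script>
</head><body>
<form action="/checkout/" method="post"><input name="email"></form>
<img src="../wp-admin/images/spinner.gif">
</body></html>"""


class RefCollector(HTMLParser):
    """Collect URLs from src/href/action attributes and inline scripts."""

    def __init__(self):
        super().__init__()
        self.refs, self.in_script = [], False

    def handle_starttag(self, tag, attrs):
        self.in_script = tag == "script"
        self.refs += [v for k, v in attrs if k in ("src", "href", "action") and v]

    def handle_endtag(self, tag):
        self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            # Inline JSON often escapes slashes as "\/"; undo that before matching.
            text = data.replace("\\/", "/")
            self.refs += re.findall(r"""["'](/[^"']+|https?://[^"']+)["']""", text)


def protected_refs(html, page_url, prefix=PROTECTED_PREFIX):
    """Return same-host paths referenced by the page that fall under prefix."""
    collector = RefCollector()
    collector.feed(html)
    collector.close()
    host, hits = urlsplit(page_url).netloc, []
    for ref in collector.refs:
        target = urlsplit(urljoin(page_url, ref))  # resolves ../ and relative URLs
        if target.netloc == host and target.path.startswith(prefix):
            if target.path not in hits:
                hits.append(target.path)
    return hits


if __name__ == "__main__":
    print(protected_refs(SAMPLE_CHECKOUT_HTML, "https://shop.example/checkout/"))
```

This only sees references present in the markup; requests that scripts build at runtime show up in the browser's network tab instead.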