[wp-hackers] define WP_ADMIN_DIR constant

Andrew Nacin wp at andrewnacin.com
Fri Jul 5 16:02:46 UTC 2013


And if you wanted to, you could filter URLs (everything goes through
admin_url() etc) and then just do rewriting manually at the server (i.e.
nginx, apache) level. This basically already occurs in multisite, to
rewrite /some-blog/wp-admin/ to the actual wp-admin directory. So, no need
to actually support this in core.


On Fri, Jul 5, 2013 at 11:52 AM, John Blackbourn
<johnbillion+wp at gmail.com>wrote:

> On 5 July 2013 16:25, sergi meseguer <zigotica at gmail.com> wrote:
> > Is the official answer still (2013) to keep out of this? If the answer is
> > no, is there an official or recommended way to obfuscate wp-admin
> location?
>
> The answer still appears to be no. Security by obscurity is still not
> real security.
>
> The most recent discussion on this topic can be found here:
> http://core.trac.wordpress.org/ticket/24673. See in particular Andrew
> Nacin's comment on that ticket, and previous discussion on the related
> tickets (http://core.trac.wordpress.org/ticket/15289,
> http://core.trac.wordpress.org/ticket/13118,
> http://core.trac.wordpress.org/ticket/7194).
>
> John
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list