SOLVED: Fallback for new custom login page

Bricks latest v1.9.2
Chrome
macOs 13.5.1

Hi there !
Not really a bug, but a problem…

I have been testing the new custom login page in the Bricks settings issued today (v.1.9.2).
I set a custom page for login on a temporary project, so no stress. But I continued playing with this page and removed the login form at some point, saved, and later logged out.

Now when i try to connect to this project, I can’t get to the login form obviously because I removed it. And trying a direct url www.mysiste.com/wp-login does not work…

So basically I am locked out of this project :smiley:

Is there a fallback to get passed this custom page and back to a regular login page/form ?

Thanks @timmse @thomas , I think this will be helpful for many if you can create a fallback of some sort ?

Antoine

Hi @AnLip,

Hm yeah this is a little bit tricky. On one hand it’s easy to “shoot yourself in the foot”. On the other hand, having to check whether the page you’ve chosen as the login page actually has a valid login form might introduce more latency when redirecting to that page.

Just brainstorming here: maybe we could introduce a URL query parameter, where if that exists, then we should redirect to the actual WP login page :thinking: I’ll record this in our internal board and discuss this more with the team first to see what makes most sense. If you have some other ideas feel free to share as well :slight_smile:

Hi @charaf
Thanks for getting back to me.

I don’t have (for the moment) any particular suggestion, I am mostly looking into other ways of getting around this issue, and getting access back to my project.

I am thinking on changing the active theme (from Bricks child to any other WP theme I have on the install), this way it should cancel the login redirection, right ? If you have any other way you can think of to disable this redirection, I’d like to hear about it.

I’ll look farther into this when I can, and will offer some insight then, if I can gather any.

Thanks again,
Antoine

My hosting provider offers a service called Softaculous that allows to rapidly install various services (WordPress, Joomla, Drupal, prestashop, … whatever amongst hundreds of them).

It also allows a “one-click” link to automatically log-in using a special link in the form of : https://..:///**/softaculous/index.live.php?act=sign_on&insid=26_******&autoid=vhicn*****************cq2j2c3kh

Using this link I could access the admin panel and disable the login redirect. So problem solved.

Maybe there is a clue in this kind of “one-click-login” function ? Obviously any shortcut you would allow would become a weak point for security, so not sure how to. use this.

Hello!

I will provide a code below that may be able to solve the problem in question.

Code to add to functions.php

function custom_logout_redirect() {
    wp_redirect('/');
    exit();
}

add_action('wp_logout', 'custom_logout_redirect');

function custom_login_url($login_url, $redirect, $force_reauth) {
    if (strpos($login_url, 'wp-admin') !== false || strpos($login_url, 'wp-login.php') !== false) {
        return '######';
    }
    return $login_url;
}

add_filter('login_url', 'custom_login_url', 10, 3);

Change ###### to /wp-admin

Sorry for my English “translate”

Greetings,
Ruthes
Brazil

Hi @AnLip, ah sorry I thought your issue was resolved and you were just sharing the experience.

For anyone reading this later: changing the active theme would have worked (stopped the redirections to the custom login page).

Hi !

Well, my problem is solved. I managed to access the admin using this direct login function offered by the hosting’s cPanel.

In case, how can you change a theme if you can’t access the admin ?

Thanks

Hey!
Through phpmyadmin you can change the main theme.

2 Likes

I just had the same problem. via wp-cli I was able to install and activate the other theme with this command:

wp theme install twentytwentythree --activate

If you end up introducing an url parameter for that, make it customizable so we can hide the default login and only show it if we know the “code” parameter

Hi,

We’ve fixed this issue in Bricks 1.9.4, now available as a one-click update in your WordPress Dashboard.
Changelog: Bricks 1.9.4 Changelog – Bricks

Please let us know if you are still experiencing issues.

Best regards,
timmse

1 Like

Hey @timmse
Is the new release supposed to redirect from wp-login.php to the page indicated in the settings?

It’s not clear from the docs, and it’s not doing it for me on the latest version. If I access wp-login.php, it stays there and shows the default WP login form.

Hi @eLearningWP,

The new release allows you to add a parameter to the login URL brx_use_wp_login=1, bypassing the custom login page you’ve set and taking you to the default WordPress login page. If you added the parameter earlier you can try clearing your browser’s cache.

But maybe I’m misunderstanding your question, some screenshots of your settings would be helpful.