I know that WordPress sites get attacked all the time, so I'm working on hardening the security on my site using WPScan.
The problem I'm running into though is that when I run a brute force attack on my site, I'm getting the following error:
"ERROR: We received an unknown response for <whatever password it was trying>"
I think this might be because the WPScan looks for [login to view URL], in which case my theme redirects you to http://domain/login/
I've already tried using the --follow-redirection switch with no change in the outcome though.
I also found this, which seems to be the same issue: [login to view URL]
But to be honest, I don't understand the one guy's response about the login_url used being from the WpUser model and not from the WpTarget.
So I really just need someone to help me get over this hump (help me understand why I'm getting the error message) so that I can continue to do my own penetration testing. I'm guessing this will be fairly easy for those of you who have done penetration testing on you own sites.
I prefer to keep my domain private, but if you're awarded the project, I'll be happy to provide a copy of the theme so that you can do your own testing.
Hi, I am Rohan
I can develop your site in a way that represents your brand (with 7 years of experience) and appeals to your target audience.
I have read your job description and it has a great fit to me. I am very clear will all instruction which you have described.
For 5 years I’ve worked in this field and so I am accustomed to working with all sorts of products and services.
I have a deep passion for my work and that all of my work is 100% original.
I'd love to talk to you further, you can send me a private message.
I look forward to hearing from you.
Thank you.
Hi there - My name is Jhalak. I’ve read your brief and can see that you’d like to build an Website. My team has 4 years experience designing and developing mobile apps and Websites. I would approach your project by starting with wireframes and getting the site completed, before starting the actual development phase. I am highly qualified for this project and would love to speak with you further about taking this project on. If you'd like to view my previous work, take a look at my Freelancer Portfolio.
Regards,
Jhalak
Thanks, Diamond looking forward for your reply.
Hello
My name Duong. I am web developer. I have 5 years experience. I can check bug via wpscan, check all plugin, source code & database
Pls contact me via by inbox or skype: duongth2910
Hello there , if you are looking for dedicated team of experts in this area we are available to work on your projects . Feel free to contact us in private for further details.
Thanks & Kind Regards