I have found a work around for this problem by utilizing Cloudflare Firewall rules. 5 are Free. I used just 2. It works perfectly. Any inputs will be appreciated.
What I did is,
- 1
Blocked direct access to /wp-login.php if it doesn’t contain /wp-login.php?action=logout.
So, a customer can easily logout without calling for wp-login.php. No Error.
So now, How do I login?
- 2
Create another rule to allow access to /wp-login.php only if a cookie is found in the browser.
Here, if I want to login, First, I will open my site. Then add a custom predefined cookie. And then access my /wp-login.php. Simple!
That cookie name and value is my key to gain access to login page.