(sorry for the repost, I posted this to the group by accident before I saw the forum link)

//login.php is showing up on error report (double slashes). The 404 is eating all of my hosting processing. This is a new site with virtually no traffic, but that //login.php is getting hit hundreds of thousands of times, and the 404 is being displayed each time. I am looking for either a simple workaround, or some evaluation of my plugins, below:

Here is a list of plugins, I assume some combination of them is causing this:

Buddypress
All in one Favicon
BP Profile as Homepage
BP Redirect to Profile for Buddypress
BuddyPress Group Email Subscription
BuddyPress Moderation
BuddyPress No Mentions
BuddyPress Registration Groups
BuddyPress Restrict Group Creation
Custom Profile Filters for BuddyPress
Login Configurator
Welcome Pack
WP No Category Base
WPtouch

[@boonebgorges Keymaster 14 years, 6 months ago]

A simple workaround is to block access to that URL in .htaccess.

But that does not address the root issue. To the best of my knowledge, there is no file called login.php in either BP or WP. That means that you have a link somewhere in one of your files that is erroneously pointing to it, or you are getting hit by a bot that is guessing that is trying to hack your site by hitting login.php. If the former is the case, you can fix the problem by searching for ‘login.php’ in your installation. If it’s the latter, then something like an .htaccess rule is probably the only thing you can do.