Since all users including admin can log in through the my-account page of Woocommerce, I was thinking that redirecting wp-login.php to homepage would be a good idea for an extra layer of security. so I put the following code in .htaccess:
Redirect /wp-login.php http://127.0.0.1
but when I click on the logout link of Woocommerce, it redirects everyone to homepage instead of logging out:
127.0.0.1/?action=logout&redirect_to=http%3A%2F%2F127.0.0.1%2Fmy-account%2F&_wpnonce=fea51efff4
Is there any chance to block wp-login.php and only use my-account page for logging in and out?
Thanks
EDIT: As per OP's comments adding this solution now, where in condition I am looking that query string to wp-login.php
shouldn't have logout
action to redirect it to login page.
RewriteCond %{QUERY_STRING} !action=logout
RewriteCond %{REQUEST_URI} ^/wp-login\.php/?$
RewriteRule ^(.*)$ http://%{HTTP_HOST}