When using WP Security Ninja’s security tests on a website that’s either under maintenance or password-protected, you may encounter some issues. These types of websites often block certain requests or redirect them, which can affect the accuracy of security tests.
Why Conflicts Occur
Plugins for maintenance or ‘coming soon’ pages typically block or redirect requests to various parts of your website. This can lead to incorrect results in some of the security tests. For instance, the test for the readme.html file might show inaccurate results.
Some tests, like the one for the readme.html file, are performed by visiting the URL for the file and checking the response. Although this test could be done by checking the filesystem, visiting the URL is the most accurate method for websites that conceal their use of WordPress.
Even if your website is under maintenance, you can still keep the firewall active. The firewall continues to protect your site from malicious page requests that aren’t redirected.