wp admin – Use Password Protected Form without the use of wp-login.php

I need to password protect a page, but from what I looked up — the action of the form needs to use something like this:

action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '"


action="' . get_option('siteurl') . '/wp-login.php?action=postpass"

which both are the exact same thing and both utilizes the wp-login.php.

The problem I am facing is that my company uses a VPN to allow access to the /wp-admin login page — which in turn also affects the wp-login.php file. Because of this, the password protected page effect does not work for our users due to the VPN constraint and routes them to a 403 status page. Is there an alternative way to use the password protected page functionality without the action requiring the use of wp-login.php ?

I assume not, but though to ask if anyone had any insights. Whitelisting on the VPN would defeat the purpose of our use of a VPN to access the admin panel as well, so sorta stuck in a dilemma.