WordPress.org

Ready to get started?Download WordPress

Ideas

Let users choose name of wp-login.php (to prevent bot-based password attacks)

  1. websta
    Member

    My server is constantly being taken down by broad, bot-based attempts to discover the passwords via wp-login.php.

    I suggest letting users choose the name of the wp-login.php file, which could help discourage automated attacks.

    Posted: 5 months ago #
  2. Ipstenu (Mika Epstein)
    Half-Elf Support Rogue & Mod

    Not at this time. We feel that's security by obscurity, and won't help your site being taken down (since a hundred people hitting a 404 is about the same as a hundred people logging in).

    https://codex.wordpress.org/Hardening_WordPress#Security_through_obscurity

    We recommend these tips: https://codex.wordpress.org/Brute_Force_Attacks

    Of course you can use a plugin to handle that change if you wanted, but it's not going to be in core any time soon.

    Posted: 5 months ago #

RSS feed for this topic

Reply

You must log in to post.

  • Rating

    12345
    0 Votes
  • Status

    Sorry, not right now