Apocalypse Meow provides several tools to help you lock down the wp-admin area:
- Brute-force log-in protection: temporarily disable and replace the log-in form after a specified number of failures are detected.
- Specify minimum password requirements for users to ensure nobody chooses something stupid like "password123". :)
- See a complete history of log-in attempts, successes, and bans; optionally downloadable in CSV format.
- Disable the "generator" meta tag, which betrays which version of WordPress you are running (thereby making exploits more easily targetted).
- Prevent the direct execution of PHP scripts in
- Rename the default "admin" user.
- Disable the theme/plugin editor.
- Reset all user passwords.