Increase security and attack protection (SPAM, hacking, code.injection, etc.)
I would love not to have to install at first a security/firewall plugin to harden WP. I think some things could be easily integrated in core: limit login attempts, WordPress Version suppression, Error messages, protection malicious URL requests, IPs white- and blacklists, etc.
I would like limit login attempts implemented. Or Atleast email user than someone tried to login multiple times.
I'm using BruteProtect which I love for it's reporting feature. It has thwarted 19 brute force attacks in the past 5 days.
My suggestion would be to implement something like this in core and eliminate the need for a plugin.
Alternatively, "Hello Dolly" (which I've never known anyone to actually use)could be removed in favor of a security plugin that could be activated upon install.
RSS feed for this topic
You must log in to post.