Let users choose name of wp-login.php (to prevent bot-based password attacks)

  1. websta

    My server is constantly being taken down by broad, bot-based attempts to discover the passwords via wp-login.php.

    I suggest letting users choose the name of the wp-login.php file, which could help discourage automated attacks.

    Posted: 4 years ago #
  2. Ipstenu (Mika Epstein)

    Not at this time. We feel that's security by obscurity, and won't help your site being taken down (since a hundred people hitting a 404 is about the same as a hundred people logging in).


    We recommend these tips: https://codex.wordpress.org/Brute_Force_Attacks

    Of course you can use a plugin to handle that change if you wanted, but it's not going to be in core any time soon.

    Posted: 4 years ago #

RSS feed for this topic


You must log in to post.

  • Rating

    0 Votes
  • Status

    Sorry, not right now