Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Wouldn’t your server fall down anyway? The brute force attacks would be hitting your server at a rate that it cannot cope (unless preventative measures have been used), regardless of the directory they are hitting.
Agreed. Obscurity and security are not synonymous.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
would it be possible to give the option at install to change the standard directories for example content or admin etc…
Not really. I mean, you can change some things but it almost always causes massive pain and suffering for you.
http://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content_folder
Unless you like inflicting pain upon yourself then I recommend that you do NOT move your wp-content folder like that. 😉
It would make it harder for hackers to perform brute force attacks….
100% incorrect. The code is where the security and changing the directory names does nothing for the code.
It’s come up often before and it’s always not true. As indicated above it’s not security in doing that.
A piece of cheese behind a refrigerator is obscure, but a piece of cheese in a mousetrap is secure.
