Support » Requests and Feedback » Making wp-login.php dynamic

  • Why don’t wordpress fix the bruteforce issue with wp-login.php by making its name dynamic and setup using wp-config.php?

    I know there are numerous ways to harden wp against bruteforce attacks, however having a file with standard name makes it vulnerable and bots still attempt on it.

    Is WP seriously thinking about this issue? What is the expected pathway?

    Also same for xmlrpc.php

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.