I just don't get this CMS tool. It's unreal. The more you try to secure your site, the more the CMS stops allowing it to work correctly.
I am trying to secure my wp-admin, yet EVERY resource on google is from over a year ago (starting to see why now--people are leaving WordPress). Most everyone tells you to use .htaccess to lock down the folder, but when you do you render it useless.
So ok, you get it to work by other means: BAM! You're unable to upload images if you're not using crap IE.
Is wordpress this stupid? How can this tool say it's secure when simple things in the installation don't even pop up and tell you "Hey, tell us what you would like you name your admin login URL - and don't use something people can guess".
Such simple things are not even a PART of WordPress. So here it is, closer to releasing my heavily modded design using WordPress, and I have GREAT concerns of its security, but I have this POS folder sitting there "WP-ADMIN" that says "I USE WORDPRESS, PLEASE HACK ME!" Are you serious WordPress? No options to safely rename this DURING installation? Or even AFTER?
NO method works in trying to hide this folder or setting up cookies, password protecting the folder...NOTHING --- without breaking the image upload thanks to their POOR choice to use FLASH UPLOADER.
All day I have been fighting with this garbage, and this is ridiculous at this point. I'm going to punch my friend for recommending this horrible, horrible CMS tool. It's nothing but a huge invite to hackers.