| WordPress

A file with a lock over it to symbolize securityOne of the most common ways that people attack WordPress sites is via the wp-login.php file.

Hackers try a "brute force attack" where they simply go to your login page and try to login as many times as they can. They try to login to your site using a masterlist of common usernames and passwords.

Every time they access that login page it adds stress to your server. If they're accessing the page multiple times per second, it can significantly slow or even crash your site.

In this video, Topher shows you how to solve this problem via a plugin called "Rename wp-login.php".


About the author

Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.