05-17-2020, 01:49 PM
@"Hidden Refuge" Yeah agreed. That's only a sorta measure to delay the process and not necessarily a method to ward off bruteforce attacks.
I'd also prefer option 2 of yours. Probably that's the best way to prevent any sort of attack on the Admin page, and if you've a static IP, it's brownie points.
Moreover, I'm also in complete agreement with you regarding plugins. Sadly, some of the most beautiful WordPress plugins are back doors to doom your website. I've been the victim of a plug-in attack too, which I'd also mentioned in a previous post regarding WordPress here.
@hamed Yeah of course. You just edit your htaccess file again, add your present IP address there, and you get access to the wp-admin page. Then after you're done you can edit it back again. In my opinion, that'd be the most solid measure to prevent attacks on the wp-admin page.
Regards,
I'd also prefer option 2 of yours. Probably that's the best way to prevent any sort of attack on the Admin page, and if you've a static IP, it's brownie points.
Moreover, I'm also in complete agreement with you regarding plugins. Sadly, some of the most beautiful WordPress plugins are back doors to doom your website. I've been the victim of a plug-in attack too, which I'd also mentioned in a previous post regarding WordPress here.
@hamed Yeah of course. You just edit your htaccess file again, add your present IP address there, and you get access to the wp-admin page. Then after you're done you can edit it back again. In my opinion, that'd be the most solid measure to prevent attacks on the wp-admin page.
Regards,