05-17-2020, 02:04 PM
(05-17-2020, 01:49 PM)sohamb03 Wrote: @"Hidden Refuge" Yeah agreed. That's only a sorta measure to delay the process and not necessarily a method to ward off bruteforce attacks.A hacker can never attack my site's admin page because my site is highly secure by the data center. But a super professional hacker can do that (crack). But you say attack. Anyone who wants to attack the site will not only attack one subdomain but also the entire site server
I'd also prefer option 2 of yours. Probably that's the best way to prevent any sort of attack on the Admin page, and if you've a static IP, it's brownie points.
Moreover, I'm also in complete agreement with you regarding plugins. Sadly, some of the most beautiful WordPress plugins are back doors to doom your website. I've been the victim of a plug-in attack too, which I'd also mentioned in a previous post regarding WordPress here.
@hamed Yeah of course. You just edit your htaccess file again, add your present IP address there, and you get access to the wp-admin page. Then after you're done you can edit it back again. In my opinion, that'd be the most solid measure to prevent attacks on the wp-admin page.
Regards,