Backend Hidden-But getting msgs of attempted Admin login.

  • I’ve hidden my backend, so why am I getting Site Lockout Notifications saying that someone tried to login as “Admin”?

Viewing 1 replies (of 1 total)

  • Hi,

    Hiding the backend does not prevent a user or bot from accessing the WordPress Dashboard Login, rather, it only changes the login slug. If you haven’t already, you may want to go to Security> Settings> Local Brute Force Detection and enable the Automatically ban “admin” user feature.

    Hiding the backend is not a valid form of Security and will not assist in securing your WordPress Dashboard Login. The Hide Backend feature is known as Security through Obscurity and does not prevent users from being able to access the site.? I would suggest relying on stronger features like two-factor authentication, reCAPTCHA, and enforcing strong passwords to secure your login.

    https://ithemes.com/the-top-5-wordpress-security-myths-debunked/

    Thanks,

    Matt

Viewing 1 replies (of 1 total)
  • The topic ‘Backend Hidden-But getting msgs of attempted Admin login.’ is closed to new replies.