Does Wordfence have a feature to hide the wp-login.php page?
-
Hello. I have been reading some online reviews as well as reading your site.
My question is if Wordfence has a feature to hide the wp-login.php page?
This seems a good feature to me to block all kinds of undesired access to a website.
Actually if you think about it; it is unbelievable WordPress does NOT HAVE a default option for changing the wp-login.php page.
A MUST HAVE for the future.
-
To explain it slightly differently (in case that video becomes TL;DR) – this “security through obscurity” is akin to locking your front door and then hiding the key under the door mat in the hopes nobody will find it.
In other words it might slow down an attacker for a moment, but won’t do a lot else to stop them. This makes it a very unreliable security strategy, and you should not rely on it alone to provide any sort of meaningful security.
If you take the steps to properly secure your login page (eg by 2FA, enforcing strong passwords, adding protection against brute force attacks) it would already be hard enough for someone to break in that hiding your login page is not going to really add any further value. If you’re not confident enough in your security strategy that you think this technique will fix it for you, the better option would be to go revisit your security strategy and make sure you’re doing it properly.
- The topic ‘Does Wordfence have a feature to hide the wp-login.php page?’ is closed to new replies.
