Reset Password Form
-
I am getting more and more accesses to the Reset Password Form for nonexistant users. I am the sole user on the system and would like to deactivate the disable password form, or restrict access via .htaccess (I could reset this if I actually ever need to reset the password).
Do you have any ideas how I could do this? I did limit the access to wp-login.php Is that enough and I am too paranoid?
<Files wp-login.php> AuthUserFile /xxxxx/.lnsdfn08 AuthName "Red Light District" AuthType Basic Require valid-user </Files>
Background for my nervousness is:
A user with IP address xxx.yyy.zzz.xxx has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username ‘admin’ to try to sign in.
User IP: xxx.yyy.zzz.xxx
User hostname: xxx_yyy_zzz_xxx.rev.poneytelecom.eu
User location: France
- The topic ‘Reset Password Form’ is closed to new replies.