What are bots using to hack Wordpress installs??
I'm trying to harden a new Wordpress install from previous hacking, code injection problems so the same hopefully won't happen this time around.
I'm just interested are most or all of the brute type attacks done via the Admin Log-In screen???? I have installed a CAPTCHA on my log-in screen this time around, with limited log-in attempts to hopefully reduce any risk if this is the main access point.
I know all of the other basics like updating, changing username etc etc.. I was just looking for a bit more experienced input from someone please. I am going to back-up my install regulary and I may also look at installing another type of security plug-in, although this does worry me at whether this is going to effect the site load times much and thus my search engine ranking?!
Thanks for looking,
Steve
Free (good quality) Self Help Resources
Using Mindfulness to Quiet Your Mind
Do. Or Do Not. There is no try...