Hiding The Admin URL Via wordpress prevent hackers? - GoFuckYourself.com

lakerslive · 07-17-2013, 08:17 AM

would that help eliminate any hacking?

so my wordpress admin used to be domain.com/wp-admin/

now its domain.com/*******

tnx

lucas131 · 07-17-2013, 08:19 AM

why you posted the new url here?

Sly · 07-17-2013, 08:21 AM

You can set up IP restriction for the login page. This way only IP's that you allow will be able to access the login page. Ask your web host how to do this.

Fat Panda · 07-17-2013, 08:27 AM

htaccess to allow only your ip

fris · 07-19-2013, 10:49 AM

Quote:

Originally Posted by SAC

htaccess to allow only your ip

agreed, plus disable wp-admin for subscribers, redirect users to main.

freecartoonporn · 07-19-2013, 11:38 AM

just rename login page.

tokmansta · 07-19-2013, 12:06 PM

99% of the time you get fucked by an automatic scanner.

solutions:
-change wp-admin directory
-remove readme.html and licence.txt
-remove the "powered by wordpress" part in the footer

Rob · 07-19-2013, 01:09 PM

Quote:

Originally Posted by tokmansta

99% of the time you get fucked by an automatic scanner.

solutions:
-change wp-admin directory
-remove readme.html and licence.txt
-remove the "powered by wordpress" part in the footer

This. Also utilize .htaccess to allow only your IP and disallow everything else. That should make it pretty secure.

nexcom28 · 07-19-2013, 01:27 PM

I recommend you make the wp-admin directory an obscure name. There is a tool that will scan like 1000+ different login directorys.
Make it something like wp-pooface and you should be ok.

freecartoonporn · 07-19-2013, 08:32 PM

why not install plugin to lock the fraud logins ?

NinjaSteve · 07-20-2013, 02:43 AM

CyberSEO linked to a plugin a little while ago, but I'm not sure what thread it was. Here's the plugin he mentioned http://codecanyon.net/item/hide-my-w...dpress/4177158

Ferus · 07-20-2013, 04:28 AM

Most hack happes due to plugins with bad security and script weaknesses in WP itself.

adult-help · 07-20-2013, 04:33 AM

yeah I also limit IP to my IP. It sucks if it changes a lot though.

scouser · 07-20-2013, 06:57 AM

u can stop logins (well, whitelist it against ips). it wont stop all hacks at all (most are plugin ones) but it stops people trying to login and brute force guess pws...

<Files wp-login.php>
order deny,allow
deny from all
allow from 123.123.123.123
allow from 456.789.456.789
</Files>

07-17-2013, 08:17 AM	#1
lakerslive Confirmed User Industry Role: Join Date: Aug 2012 Posts: 929	Hiding The Admin URL Via wordpress prevent hackers? would that help eliminate any hacking? so my wordpress admin used to be domain.com/wp-admin/ now its domain.com/******* tnx

07-17-2013, 08:21 AM	#3
Sly Let's do some business! Industry Role: Join Date: Sep 2004 Location: Austin, TX Posts: 31,296	You can set up IP restriction for the login page. This way only IP's that you allow will be able to access the login page. Ask your web host how to do this. __________________ Vacares - Web Hosting, Domains, O365, Security & More - Paxum and BTC Accepted Windows VPS now available - just $50/mo Wanted: CCBill pay sites for sale

07-19-2013, 11:38 AM	#6
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	just rename login page. __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

07-19-2013, 08:32 PM	#10
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	why not install plugin to lock the fraud logins ? __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

07-20-2013, 02:43 AM	#11
NinjaSteve Too lazy to set a custom title Industry Role: Join Date: Dec 2003 Posts: 11,089	CyberSEO linked to a plugin a little while ago, but I'm not sure what thread it was. Here's the plugin he mentioned http://codecanyon.net/item/hide-my-w...dpress/4177158 __________________ ...

07-17-2013, 08:19 AM	#2
lucas131 ¯\_(ツ)_/¯ Industry Role: Join Date: Aug 2004 Posts: 11,475	why you posted the new url here?

07-17-2013, 08:27 AM	#4
Fat Panda Porn is Dead. Move along. Industry Role: Join Date: Aug 2006 Posts: 13,295	htaccess to allow only your ip

07-19-2013, 12:06 PM	#7
tokmansta Confirmed User Industry Role: Join Date: Jan 2013 Posts: 566	99% of the time you get fucked by an automatic scanner. solutions: -change wp-admin directory -remove readme.html and licence.txt -remove the "powered by wordpress" part in the footer

07-19-2013, 01:27 PM	#9
nexcom28 So Fucking Banned Join Date: Jan 2005 Posts: 3,716	I recommend you make the wp-admin directory an obscure name. There is a tool that will scan like 1000+ different login directorys. Make it something like wp-pooface and you should be ok.

07-20-2013, 04:28 AM	#12
Ferus Bye - Left to do stuff Industry Role: Join Date: Feb 2013 Posts: 4,108	Most hack happes due to plugins with bad security and script weaknesses in WP itself.

07-20-2013, 04:33 AM	#13
adult-help Confirmed User Industry Role: Join Date: Mar 2008 Posts: 2,450	yeah I also limit IP to my IP. It sucks if it changes a lot though. __________________ Adult web templates, Adult WordPress Themes, TGP, MGP.. also Complete Wordpress PaySite Development - Adult WordPress Blog Themes - Free FHG Templates - Free PaySite Script - Adult Tutorials Directory - Adult Domain Marketplace - Adult Jobs

07-20-2013, 06:57 AM	#14
scouser marketer. Industry Role: Join Date: Aug 2006 Location: bcn Posts: 2,280	u can stop logins (well, whitelist it against ips). it wont stop all hacks at all (most are plugin ones) but it stops people trying to login and brute force guess pws... <Files wp-login.php> order deny,allow deny from all allow from 123.123.123.123 allow from 456.789.456.789 </Files>