Follow

Please Stop Hiding wp-admin
Once upon a time the security of a WordPress site could be improved by simply moving the login page.

Those were simpler days. The REST API wasn't part of WordPress core and WordPress itself was a much smaller part of the internet and, as a result, a much smaller target for attackers than it is now.

I even wrote one of the better implementations to hide the WordPress login page as part of, f
chriswiegman.com/2021/10/pleas

Sign in to participate in the conversation
Chris Wiegman

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!