We can reduce the chance of being attacked and compromised through the following three steps:
1. Add the following code to the current functions.php to remove WordPress Version information to reduce the chance of being scanned.
remove_action( 'wp_head', 'wp_generator');
2. The default user name should not be admin. Modify the admin user name through SQL.
UPDATE wp_users SET user_login = 'newuser' WHERE user_login = 'admin';
3. Install the Limit Login Attempts plug-in to limit the number of login attempts and prevent the backend password from being obtained through exhaustive methods.
Recommended tutorial: wordpress tutorial
The above is the detailed content of How to protect your WordPress website from brute force attacks. For more information, please follow other related articles on the PHP Chinese website!