With the recent news of a big botnet that attacks WordPress websites via wp-login.php was it time to prepare myself for the attack. wp.login.php is an uncached page that uses PHP resources which can slow down your website or cause errors. My resolution: restrict access to wp-login.php with nginx. I’m only allowing the IP addresses …
Continue reading “Protect wp-login.php with nginx for botnet that scans WordPress websites”