> You can rename wp-login.php, or you can make it available to specific IP address(es), or you can ssh -L to access it via ssh.
Thanks! Didn't know about SSH -L. But we'll need non-techie admin dashboard access, and from dynamic IPs in Europe and the US, so obfuscating wp-login.php might be the only option.
> histogram of the IPs that try to access those files and sort it so you can see if many attempts are coming from IPs on the same networks.
Interesting idea... Thanks hadn't thought if that.
• 4 months ago