- Joined
- Mar 26, 2020
- Messages
- 209
- Reaction score
- 32
- Points
- 56
Due to encountering severe issues with brute force login attempts on my WordPress site, I have implemented suggestions from other forum users such as changing the login URL and restricting the login attempts through plugins like WPS Hide Login and Limited Login Attempts. While these changes have reduced the number of login attempts, a significant amount of attempts still occur. I have two inquiries:
- How do bots discover the new URL so quickly, and are there any alternative plugins or solutions?
- Despite having unique usernames, login attempts are being made to two of my WordPress sites using general, common usernames. How is this possible, and what can I do to improve security?