|
|
|
|
|
|
by stevenicr
2400 days ago
|
|
|
with a default wp install - you are right,
however it's trivial to add a couple of security plugins and turn on auto-update. adding the "ipgeoblock plugin" wipes out most attacks straight away. with some of my wp sites that got attacked a lot on a regular basis, I use a 'static html generator' plugin - and delete all the wp php files - no way to login, add comments or hack the wp core or plugins or themes, since they are not in use when you convert it all the static html. On wp sites where I actually add content with regularity, I don't delete the wp files, and just use shield, sucuri, ipgeoblock, plugin things like that depending on threat. |
|
|