Re: [bitfolk] For those hosting WordPress blogs

Adam also said: Looking at the second one, Limit Login Attempts really should be part of the core WP codebase, and I install it on everything even after finding out about the neat Fail2Ban jail (people might move their sites somewhere that doesn't do it...) Given the use of that, or similar - there's another plugin which also checks user's passwords against various lists - I would be very interested to know how useful BWPS and WF actually are. If someone can login with admin rights, you're stuffed. If they can't, and the site is set up properly, what can they do? BWPS makes a big fuss about changing the database prefix for example. But if someone has access to the database, you're stuffed regardless. Ian