[wp-trac] [WordPress Trac] #24673: provide mainline supported rename of wp-login
WordPress Trac
noreply at wordpress.org
Tue Apr 1 10:08:43 UTC 2014
#24673: provide mainline supported rename of wp-login
--------------------------+-----------------------
Reporter: jorhett | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: Security | Version: 3.5.2
Severity: critical | Resolution:
Keywords: close | Focuses:
--------------------------+-----------------------
Comment (by jorhett):
avryl: what bothers me is how trivial it is to attack the sites. the
authentication mechanism is one of the most expensive queries, so 10k hits
in a minute and your wordpress install is dead without even breaking in
successfully. Hey, let's put our worst foot forward and then make it
impossible to hide... genius work there.
It's a trivial fix for WP to implement. They have no actual fundamental
reason to not allow the change, except that the botnet is theirs and it is
their profit mechanism.
knutsp: dude, you're babbling. Wordpress should not try to make attacks
harder, it should make them less successful? Uh huh. Seriously, I am
asking you to GO AWAY. This is a serious topic, and you are a nonsense kid
with no grasp of the issues involved here. You are filling up a serious
bug report with your babble and nonsense, and I am asking you to stop.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/24673#comment:23>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list