1. While it's not possible to change the username through wp-admin, it can be done at the database level. Depending on the exact environment it can get touchy since it will alter author page URLs and more. There's got to be a full write-up somewhere online. If the login is "admin" then it's highly recommended. 2. Blocking by country is possible though the list of IP ranges are large and will impact processing time. As others have mentioned, you'll also turn away valid traffic. Wordfence is a large and thorough security plugin that will block after a certain number of failed login attempts. "Limit Login Attempts" <https://wordpress.org/plugins/limit-login-attempts/> is a very light-weight plugin that does a similar job. Since this past fall, hackers have been using XML-RPC calls to bulk-test passwords. I don't know if Wordfence provides protection against that attack. The simplest fix is to disable XML-RPC but this impacts the mobile publishing app, certain features of Jetpack, and any other plugin that uses XML-RPC. If that's not a concern, there are plugins to disable it through what's practically a 1-line fix. Ideally, I'd like to see the maintainers provide ways to disable the bulk-request method in limited instances while protecting legitimate uses. On 1/14/2016 11:19 AM, Shel Horowitz wrote: > > > > > A client's site was compromised recently. I changed the password to > something impossible to guess--but I'm wondering if: > 1) There's a way to change the username in wp-admin > 2) It's possible to block domains or country codes of attackers trying > to sign in (most of them seem to be from France) > > Thanks, > > ________________________________________________ > Watch (and please share) my TEDx Talk, > "Impossible is a Dare: Business for a Better World" > _http://www.ted.com/tedx/events/11809_ > > Contact me to bake in profitability while addressing hunger, > poverty, war, and catastrophic climate change > > Twitter: @shelhorowitz > > * First business ever to be Green America Gold Certified > * Inducted into the National Environmental Hall of Fame > > http://goingbeyondsustainability.com > <http://goingbeyondsustainability.com/> for the corporate world > http://impactwithprofit.com <http://impactwithprofit.com/> for > entrepreneurs > http://greenandprofitable.com <http://greenandprofitable.com/> for > green businesses > mailto:shel at greenandprofitable.com > <mailto:shel at greenandprofitable.com> * 413-586-2388 <tel:413-586-2388> > Award-winning, best-selling (8th) book: > Guerrilla Marketing Goes Green (co-authored with Jay Conrad Levinson) > Coming in April: Guerrilla Marketing to Heal the World > _________________________________________________ > > > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20160114/6b91ae32/attachment.html