When you host a WordPress site, you should consider that you are pretty much opening a backdoor to your server. It’s not quite that simple, but, as one of the most widely-used Blogging and “CMS” platforms, it is regular target for hackers, and when you consider the vast ecosystem of 3rd party Plugins and Themes (one of the main driving points of it’s popularity), hackers have a massive surface area to attack. Because of this, it is important to do what you can to protect WordPress installations from exploit and abuse. In this post I am not going to go over securing the code that runs on WordPress, but I am going to mention two things you can do using Fail2Ban to protect against unauthorized logins, and abuse of xmlrpc.php
.
» Read more about: Protecting WordPress with Fail2Ban »