WordPress – prevent access to php files in wp-includes
Most wordpress php files are in directory wp-includes in wordpress root directory. This can be used by hackers to try to access these directly. This read more
prevent wordpress xmlrpc.php attack
Sometimes you may see too many POST requests to xmlrpc.php in your apache access log. Large number of hits to xmlrpc.php can slow down your read more