The issue is not with the core code of WordPress, it's the plugins and themes you install. You can add reCAPTCHA on your WordPress login, comment and or registration form or by using No CAPTCHA reCAPTCHA plugin.. You can use FTP-client to connect to the back-end of the website. After activating the plugin, go to Loginizer Security> Brute Force from WordPress admin menu to setup login protection.. 7. Hackers use Brute Force attacks to gain access to the admin panel or FTP accounts of your website. After you install the plugin, go to Brute Force section to enable custom URL. In 2016, hackers crumpled DYN putting many famous websites like Twitter, Amazon, Reddit, and Netflix offline.. By following the security measures, you are already prepared for DDoS attacks.. web host provides you support and tools to tackle DDoS attacks, Brute-Force attacks, and malware. But always check for malware, using antivirus software, before you upload them on your WordPress..
Read more