We have done some penetration testing on a wordpress site and one of the issues that has been returned is:
An administration portal is accessible via the Internet
- It is recommended that access to this portal is prevented via the Internet
As the site is a web based cms is this even possible to fix? This is not my area of expertise and i'm struggling to find a way to fix this.
Can anyone help?
Thanks
As far as I know , you can not restrict in way which you want. But you can do like allow admin access to specific user by IP address. Like if you want that no one should access your wp admin other than you then you can achieve this by specified your ip in .htaccess.