Comment on Security: Hide The WordPress Login and Admin Pages (wp-login.php) by Rob B.
I renamed wp-login.php, enabled the comment spam protection in Simple Firewall and removed the requirement for people to be logged in to post a comment and in the past 10 days this has been working brilliantly.
Rob B Also Commented
Presumably this won’t work for sites which require login to post a comment?
I see you have comments enabled here. Could you share your thoughts on preventing comment spam without login being required? On the only site I manage with comments enabled we currently have it set so people have to be logged in to leave a comment and we are using the CleanTalk plugin to prevent comment spam (which does a great job), but the site is experiencing frequent hacking attempts and it would be good to be able to rename the wp-login page and allow comments without opening up to a massive comment spam problem.