Everyone praises Wordpress for being fantastic, and from a user perspective, it’s indeed a very user-friendly and straightforward system where you can set up a website in a few minutes. However, from a web host’s perspective, WordPress is a nightmare. Over the years, WordPress developers have still not resolved the XML-RPC exploitation issue, they have not adequately secured the wp-cron.php vulnerability, and they continue to allow brute force attacks on wp-login.php. If an attacker or bot is clever, they could potentially crash an entire Shared hosting server by exploiting these flaws.
To enhance the stability of shared hosting servers, we have implemented global firewall rules to limit the exploitation of these vulnerabilities. Nonetheless, we recommend installing a firewall on all WordPress sites as an additional layer of protection. We suggest using tools such as All In One WP Security & Firewall.