We are continuously fighting to keep hackers out of the WordPress admin. Brute force attacks on the wp-login page, remote code execution due to zero-day plugin vulnerabilities, or hacker toolkits that try to access plugin files by cycling through lists of known vulnerabilities – these types of attempts must be blocked. In this article and accompanying video I present a lockdown option for power users that works nicely for certain types of sites and would stop common hacker activity.