Any WordPress instance include specific files located within root install directory. You may think this is not a big deal as any site contain such file. The problem is they use a format which makes your WordPress easy traceable:
wp-blog-header.php wp-links-opml.php wp-load.php wp-mail.php license.txt readme.html
This area provides a way to control the privacy of those files making them invisible to anyone accessing them from outside. They will continue to be used internally by WordPress without any problem.
This is a text file which contains the licensing terms for the WordPress framework. Obviously, you don’t want that visible as every site containing such a file must be a WordPress.
A Hypertext Markup Language file with general information about installed WordPress, version, installation steps, updating, requirements, resources etc.
Block access to wp-activate.php file. Through this file new users confirm that the activation key that is received in the email after signing up for a new blog matches the key for that user. If anyone can register on your site, you should keep this off, but use the other plugin functionalities to rename to something else.
The file wp-cron.php is the portion of WordPress that handles scheduled internal events within a WordPress site. If remote cron calls are not used, it is safe to turn this option to Yes. The code also resolves the internal server IP and excludes it against this option, so the cron service continues to work as before.
Through this, anyone can register on your site. If the registration functionality is turned off, the register-me.php should be blocked. Otherwise, it should be renamed through the other plugin features.
This is a deprecated file but is still present in many WordPress installs. This should be blocked.
Block other wp-*.php files
Block other wp-*.php files. E.g. wp-blog-header.php, wp-config.php. Those files are used internally, blocking those will not affect any functionality. Other root files (wp-activate.php, wp-login.php, register-me.php etc) are ignored, they can be controlled through their own settings.