Edit: And my reply is late by an hour. ??
Give this a read about moving wp-content
https://codex.www.ads-software.com/Editing_wp-config.php#Moving_wp-content_folder
Just keep in mind that some themes and plugins are less compliant than others and they may break when you do this.
My aim is to increase site security and prevent bot attacks.
I was really afraid you’d reply with that. It’s 100% not the case and doing that doesn’t make anything more secure or get bots to not pound on your site. There’s 2 separate items here.
*Pulls out soapbox and get’s on top*
1. Security
The security is inherent in the code that gets called and executed. Moving it or obssuring it doesn’t accomplish anything because the code is still being executed and if it is prone to being exploited then that’s the problem that needs to be addressed. Moving that code doesn’t do anything at all for that.
2. Denial of service
Give this a read about the brute force options and suggestions on the security front.
https://codex.www.ads-software.com/Brute_Force_Attacks
For DDoS: The short of it is that WordPress is an application sitting on a web server and if that web server is flooded with requests then it will fall down. That’s not something that an application can do or mitigate.
Now at the server level you may be able to do something about that. You can use a CDN that includes automated tests to see if the request is via a Real Person? before the request gets to your actual server. That’s one way but what I’m getting at is that you need to have a strategy for dealing with those botnets at that level.
Moving the wp-content
isn’t it because if the botnets detect WordPress (and there’s lots of ways to do that) they’ll hammer your site anyway even if you move things around that way.
*Steps off of soapbox*
But give that first link a read, it may do what you’re attempting to accomplish. ??