WordPress Brute Force Attacks & Plugin Protection
April 16th, 2013 by admin
Protect your site from hackers using Brute Force attacks, which means they try to gain access to your site using scripts to guess your login credentials. Her…
Written by - Visit WebsitePosted in Wordpress Tutorial Videos
April 16th, 2013 at 10:28 pm
Yes, backing up is a must but I’m having more of an issue with the repeated attempts by the same IP addresses that sometimes eats up system resources and can cause the server to become unresponsive. That’s why this plugin seems to be? effective for me. Already seeing a lot less access from repeated IP’s. Even tho they are using proxies to use more IP’s, the plugin is still preventing the same ones from trying over and over and over again. That seems to be my problem.
April 16th, 2013 at 10:28 pm
Change your username if using admin and take full backup which should be stored away from the server. There where 4,300 sites lost with no chance of recovery last year even though the host had full backups, they didn’t store them away from the? server and they where hacked beyond repair.
April 16th, 2013 at 10:28 pm
Hey Brad, great to hear from ya. (I remember you from WB). I don’t think any plugin is perfect, but it is stopping the same one from trying over and over and over again. Do you have other suggestions? I’d love to hear? them if you think there’s another solution. Please share. I’m by no means an expert.
April 16th, 2013 at 10:28 pm
Limit Login Attempts won’t help — supposedly this botnet has over 90,000 IP addresses,? so an IP limiting or login throttling plugin isn’t going to be great (they could try from a different IP a second for 24 hours). Source Matt Mullenweg.
April 16th, 2013 at 10:28 pm
I actually think this has been happening to my blog for years –? the plugin just now shows what they are trying to do. This isn’t anything new. Most people who install this plugin find out hackers have been doing the same thing so I don’t think it’s anything specific to my site. I’m not concerned as long as I use super secure passwords.
April 16th, 2013 at 10:28 pm
You’re gonna have a bad time when you change your password
They might be tricking you to change? your password so they can get your password
If they have been doing this for a long time. Im sure they have sniffed the server and get the info they wanted.So either way you are likely to be hacked
April 16th, 2013 at 10:28 pm
Thank you, Lisa! I installed it as this video was playing, As a new website owner it’s crucial to keep things running smoothly. Hackers can take a toll on your business… And that kind of business is? BAD for business. thanks again for the recommendation.
April 16th, 2013 at 10:28 pm
Nice! Sounds like you have a? good system going over there.
April 16th, 2013 at 10:28 pm
.. continued (2) – My admin account is active and there is one other access limitation – it is simply? limited to access on localhost only so the hackers will need to sneak some malware into the server to have access to it or actually sit by the computer itself.
April 16th, 2013 at 10:28 pm
.. continued – That my friend is very efficient. Nobody have yet been able to break into it – At least so it seems – I don’t find any irregularities in my site. The hackers have 3 attempts from the same IP and then a block for about 900 seconds. It seems to be working because I see a lot of suspended attempts too. And to add to it – The server seems to be running very stable too running 24-7 and not maintained much – Last? time I was accessing my server (in my room) was about 2-3 months ago.
April 16th, 2013 at 10:28 pm
Hello there Lisa
It is as you say very important to secure your blog or for that matter the website with long and strong passwords and of course an attempt limiter. Personally I have my own website running? and many times I experience loads of attacks from something very close to bot nets if it isn’t really bot nets and so my log have lots of entries of login attempts on the FTP (I don’t use Web based Login) and as you suggest A well defined Long (near Random) password and a limit of 3 attempts
April 16th, 2013 at 10:28 pm
Good? for you Thomas. 🙂
April 16th, 2013 at 10:28 pm
Hi Lisa
You are so right. I have seen a lot of attack against my blog lately. I am so glad that I have implemented the Limited Login attempts months ago. That has been great to let me know how often people are? trying to attack my blog.