According to Wordfence, a WordPress security company, there is currently a huge series WordPress brute force attacks taking place that is targeting WordPress based websites.  A brute force attack is essentially an automated attempt to find a weakness in you WordPress that allows a bot to gain access to your site and inject it with malicious script(s).

Combating WordPress Attacks

One of the most common brute force attacks seen with WordPress is a username/password attack.  The automated bot will find your WordPress login panel page (usually www.yoursite.com/wp-login/) and attempt to hack your username and password by making continuous automated guesses until it gets it right.  The easiest way to combat this attack is to change your default login page and put a limit on the number of failed login attempts.  Hiding the login page keeps the bots from gaining access to the page and limiting your failed logins essentially locks out an specific IP address after it gets the username or password wrong after a certain amount of time.

It also helps to make sure all your plugins are up to date and you are running the most recent version of WordPress.  As a general insurance policy we also recommend taking frequent backups of your database and files so you can quickly restore your site to a working version if you do happen to become a victim of an attack.

Does all of this sound like Greek to you?

The good news is we provide everything described above AND more!  With three different WordPress maintenance and security packages to choose from we can secure your website, lock down your admin panel and make all the necessary backups for you.  Find out more at our WordPress maintenance page and as always contact us with ANY questions.

Sources: http://www.wordfence.com/blog/2014/03/large-distributed-brute-force-attack-underway-at-40000-attacks-per-minute/

Leave a Reply

Get in Touch

Please fill out the form below and we will get back to you ASAP

  • This field is for validation purposes and should be left unchanged.