Bulletproofing your WordPress site against a brute force attacBlogs throughout the world are reporting that there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence.

HostGator and LunarPages hosting both posted on what to do to protect your WordPress-based site:

DELETE THE ‘ADMIN’ USER FOR YOUR WP SITE

Before you do that, make sure to create a new administrator account, log out from the original admin account, log into the new account and only then attempt to delete the old admin account.

CHANGE YOUR PASSWORDS REGULARLY

That should be a no-brainer but it is surprising how many sites get hacked because of simple passwords being used. The Geek Stuff offers some ideas for creating strong passwords but if your WordPress is updated, it will tell you if the new password is strong enough.

INSTALL SECURITY PLUGINS ON YOUR WP SITE

A terrific WordPress plugin, Limit Login Attempts is a good start.

PASSWORD PROTECT YOUR WP-LOGIN PAGE

Your hosting company should offer this and if not, you should perhaps change your web hosting company. I can highly recommend LunarPages! Use code “aff15off” for 15% off of a new shared hosting account if you sign up today!

Stay safe!

One thought on “Bulletproofing your WordPress site against a brute force attack

  1. Also consider Cloudflare. They have revised their security rules to reduce the effects of the latest brute force attacks. Its available to both paid and free customers.

Leave a Reply

Your email address will not be published. Required fields are marked *