Wordpress wp-login.php Brute Force Attaks

Please check back here for updates.

Moderators: Web World Tech Support, Design Team, Design Team, Web World Tech Support

Wordpress wp-login.php Brute Force Attaks

Postby daveg » Thu Apr 11, 2013 2:18 pm


Over the past few weeks we noticed a big increase in Wordpress bruteforse attacks. We recommend that all Wordpress users take the following steps to lock down their site.

1) Rename /wp-login.php to something else. Hackers will use bots to attack this address.

2) Change your username from "admin" to something more secure.

3) Update your user privileges. Not every user has to be an administrator.

4) Make sure your password secure with numbers, symbols and letters.

5) Restrict access to the /wp-admin/ folder and file by IP or password protect this folder. (Contact us to do this)

6) Use a plugin to restrict login attempts. These are freely available from the Wordpress site
Dave Geoghegan
User avatar
Rank: Supreme Member
Posts: 210
Joined: Wed Jun 07, 2006 5:33 pm
Website: http://www.webworld.ie
Location: Dublin, Ireland

Return to ā€œ%sā€ Network, Security & Software Updates

Who is online

Users browsing this forum: No registered users