Wordpress wp-login.php Brute Force Attaks

Please check back here for updates.

Moderators: Design Team, Web World Tech Support

Wordpress wp-login.php Brute Force Attaks

Postby daveg » Thu Apr 11, 2013 2:18 pm

Hello,

Over the past few weeks we noticed a big increase in Wordpress bruteforse attacks. We recommend that all Wordpress users take the following steps to lock down their site.

1) Rename /wp-login.php to something else. Hackers will use bots to attack this address.

2) Change your username from "admin" to something more secure.

3) Update your user privileges. Not every user has to be an administrator.

4) Make sure your password secure with numbers, symbols and letters.

5) Restrict access to the /wp-admin/ folder and file by IP or password protect this folder. (Contact us to do this)

6) Use a plugin to restrict login attempts. These are freely available from the Wordpress site
Thanks
Dave Geoghegan
daveg@webworld.ie
User avatar
daveg
Rank: Supreme Member
 
Posts: 210
Joined: Wed Jun 07, 2006 5:33 pm
Website: http://www.webworld.ie
Location: Dublin, Ireland

Re: Wordpress wp-login.php Brute Force Attaks

Postby freemanhe1974 » Thu Aug 23, 2018 8:27 am

Thank for useful tips about access. My team of developing WordPress on https://itunes.apple.com/us/app/edusson ... 57905?mt=8 has just been changing the policy of working with this engine and your help is lucky in this topic.
freemanhe1974
Rank: Where's the 'any' key?
 
Posts: 1
Joined: Thu Aug 23, 2018 8:04 am


Return to ā€œ%sā€ Network, Security & Software Updates

Who is online

Users browsing this forum: No registered users

cron