Hi,
the brute force attacks against WordPress sites just doesn't end, hackers are constantly recruiting new blogs for their 'Zombie' army, which side on you on?
Make sure you're not part of the 'Walking Dead' Here
"Botnets" use hundreds of thousands of unique IP addresses (from compromised/hacked 'Zombie' computers across the world) to attack hosts across the globe, specifically targeting WP Blogs.
Brute force attacks against WordPress have trebled in recent months!!!
Even big web hosts have been warning their customers about this, some have even had to take drastic measures to keep their servers and their customers sites up and running, even so far as to globally disable access to wp-login.php on sites, so their owners are locked out until the host can put a better solution in place.
Botnet's like this mainly target /wp-login.php and /wp-admin to try and get access using brute force, and obviously the main target for login attempts is the default username "admin".
Does your blog login use the username "admin"..?
The top passwords targeted include some fairly obvious one's, make sure you're not using something as weak as any of these:
admin 123456 666666 111111 12345678 qwerty 1234567 password 12345 123 123qwe 123admin 12345qwe 12369874 123123 1234qwer 1234abcd 123654 123qwe123qwe 123abc 3123qweasd 123abc123 12345qwert
if you are using something like this then you may already be hacked...
so what about some practical advice...
The most important thing you can do right now is:
1. Make sure you have a super strong password
Extras Tips:
1. delete any unused plugins & themes
2. setup an "admin" that doesn't use the name "admin", and delete the one that does
3. make sure all your plugins, themes & version of WP are up to date
Note: If you provide SEO or website services to clients you can even use these premium plugins to offer a high value service to your clients...
Hit the button below to get this sorted today: |