By now you must have read and heard in news reports about the brute global attack on WordPress websites. According to Mark Maunder, creator of Wordfence, brute global attacks are ongoing and this time they have increased in frequency. There are over 90,000 IP addresses involved in this attack which means they are massive and well distributed.
Here are five things to do immediately to protect and secure your WordPress website:
1. Change your password
If you have been using the same password for months or years, it is time to change the password. Don’t use the same password for everything. Create a password for your WordPress website that is uniquely different from other logins.
2. Don’t use simple passwords
Your website is your asset. Protect it with passwords that have numbers, lower and upper case letters and special characters (@#$%^&*). Don’t use passwords like “diana123” if your name is Diana.
Here are two recommended websites to help generate strong passwords for your WordPress website, emails, Facebook or anything that needs a password.
Passwordsgenerator.net (I like this better)
Have at least 8 characters, 15 characters are preferred.
3. Delete all default accounts with names like ‘admin’
Brute force attack has machines that are trying to guess your password. Using a default username like ‘admin’ and simple password can lead to successful attacks from these machines. Because the bots are specifically looking to gain access to websites with login name “admin”!
Rename ‘admin’ immediately with an obscure name.
4. Delete or disable all unused plugins
Unused plugins must be disabled or deleted as soon as possible.
You can do-it-yourself to check the security of your site by installing Wordfence Security. Here is a link with a review and things to look out for when you read the data.
5. Install “limit plugin attempt” plugin
Here is a link to a plugin which limits the number of retry attempts when logging in for each IP and more.
If you have no time or need help in securing your website, our Support Staff are here to assist you. Purchase one time Support service on our site “Support Options” page to get help ensuring your website safety against this attack.