Pay Attention: Global Brute Force WordPress Attack

WordPress Brute Force AttackIf your site is on WordPress — pay attention! I Tweeted about this yesterday which produced a flood of questions about what was going on and “what to do”.

The Basics…

This month there has been a concentrated effort to go after WordPress sites with a brute force bot attack. One of my sites was caught in the beginning stages of this attack. Being my site’s are secured, the site was not hacked and this effort was only was a resource drain on my server — which caused a different set of problems.

This weekend, a large network of over 90,000 IP addresses have ramped up their use of a brute force attack to target WordPress Blog installations primarily looking for Blogs using the default username “admin”.

Change Your “admin” Username and Strengthen Your Password

If you still have a user account with the username “admin” or if you are still using that account as your primary login, this is what you need to do — right now! Everyone I work with is advised to ditch that account and setup a new “admin” with a different username. Some do; many don’t. If you still have that account in place and haven’t had your site compromised yet, you are on borrowed time.

First, login and setup a new admin account with your new username. Choose a password that is at least 8 characters long that includes: small case, UPPER CASE, numbers and special characters (^%$#&@*). Log out. Then log back in with your new admin account and delete the old.

There are a couple plugins I use that you can also add to further secure your site:

If you want to know more and discover additional options and practices to get in place, check out this article on KrebsonSecurity Brute Force Attacks Build WordPress Botnet — everything you need to know.

At your service,
Judith

Please do share!Email this to someoneTweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+
Judith
I’m here to help those who want to succeed and are looking for an advocate they can trust and rely on — for the long haul. Whether it be WordPress Help and Support, Blogging, Content Management or Online Marketing; I am here to bring a sense of reality, excitement and vision to your program. More Info...
Judith

@istudio

"It is always your next move." Napoleon Hill #WordPress Consultant & Online Business Coach | The IStudio® Est. 1995
It's heeeeere! #WordPress 4.1 "Dinah" has dropped! Info and how to update: http://t.co/OZidUN1jj9 http://t.co/7S2hOeNgmw - 3 days ago
Judith
Judith

Latest posts by Judith (see all)

Judith
Let's go over your Website and discuss how we can take your business to the next level! Get actionable tips and info you can put to work today!

Click to schedule* your personalized one-on-one session now for only $147! Let's do this!

*I can only accommodate one or two sessions each week.