WordPress brute force attacks have started cripling servers all over the internet. Our cloudlinux servers have managed to stay up which higher then normal cpu and ram usage. Other servers without cloudlinux haven’t faired so well. We started investigating these attacks on April 9th 2013, captured packets immediately to get the payload of these brute…
Over the past several years of working with small business owners and WordPress, we are often asked, “How often should I log into WordPress?” or related statements that begs the question.
Let me share with you some reasons as to why you should be logging into your WordPress content management system — CMS — or blog as often during the week as you are able to practically do so.
If you asked me from September 2012 forward, the answer would change dramatically with WordPress Brute Force Attacks now exceeding 50% of all attacks being reported.
If you review your or your hosting provider reviews your web site’s access logs on a regular basis, you can tell if there are Brute Force attacks being attempted on your WordPress site by seeing multiple requests to access the file wp-login.php from the same IP address over and over again. Sometimes it might be a single request every x period of time; other times it might be scores of requests from the same IP address. By the way, are you or your provider regularly checking your web site access logs for abuse?
How can you protect yourself against WordPress Brute Force attacks?
I recently had the wonderful opportunity to read a well written book by Melinda F. Emerson, Become Your Own Boss In 12 Months.
Melinda, who hosts the Small Business Chat on twitter every Wednesday night from 8 PM to 9 PM Eastern Time, focuses on helping people become entrepreneurs and for the small businesses they create to grow and succeed.
A lot about what Melinda shares involve proper planning and preparation.
Whether you have been in business for many years, or are just starting up… did you know that if you properly plan and prepare for your ecommerce store you greatly increase your opportunity to succeed?
Hopefully you log into your WordPress administration area on a regular basis to see if there are updates (or maybe you are using WordFence or another tool that alerts you).
Before you check the check boxes or otherwise press the update button, are you taking the following measures to protect the investment of time you have in your site?
Generally you wanted to be on the very latest version of a WordPress plugin.
However, there are times you do need to be one or more versions behind.
So, how do you downgrade a WordPress plugin?
What is the WordPress White Screen of Death?
It is when you go to your site and see just a blank, empty, white page rather than your site.
While you may not have known the name of the problem, it is something you can experience with WordPress (as well as other content management systems).
Now, let’s go over trouble shooting the issue so you can have your web site back online.
An ounce of prevention is worth a pound of cure.
Let me share steps you can take to make your WordPress site more secure against hackers.
Here’s a simple step you or your hosting provider can perform to allow you to have one click updates with WordPress without the need to enter FTP information.
WordPress is a full content management system which allows individuals and organizations to design their own site in a very visual way.
I would like to share how we have been helping our managed hosting customers make the move to WordPress.
Author: Peter Abraham; Published: Jun 14, 2012; Category: Customer Support, Managed Hosting, PCI Compliance, Security, Small Business, WordPress; Tags: hosting, Security, service, WordPress; No Comments
Quality hosting is probably harder to sell than the design services, which are more up front and obvious.
Web site design is very visual. Designers can white board, story board, and show you successful sites they have created in the past.
What can a web hosting company show you, visually, that they are unique as well as the being the company for you?
Over the past 17 years, I’ve found security can often be like a full squadron of obtrusive bouncers who make you want to leave before you get within 50 yards of the door.
Wouldn’t it be great to have a WordPress security plugin which was more like Dalton (Patrick Swayze) in RoadHouse who worked to have bouncers be as inconspicuous as possible; only coming out when needed, and only using what force was necessary to get the job done?