Warning: session_start() [function.session-start]: open(/tmp/sess_45fip3lmeqp2e932mt3rjq9it5, O_RDWR) failed: Disk quota exceeded (122) in /home/vipozico/forum.tutorials7.com/qa-include/qa-app-users.php on line 143
Bruce-Force Attack on WordPress Sites!
By using our mini forum, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy

Q: Bruce-Force Attack on WordPress Sites!

+13 votes
My WordPress site was hacked with Brute Force attack! I've recovered but I am writing this post to let you know that there is a massive BruteForce attack movement going on! Please share your ways of securing your WordPress site - so more people are prepared for the unwanted visitors!
asked in Web Development category by user eiorgert

4 Answers

+5 votes

Yeah, a lot of WP sites have been hit recently... more than 90,000 blogs and counting... Here are my methods I am using for my WordPress blogs:

1. NEVER, EVER use admin as your username! Forget it! use some other stuff instead! 50% of Brute force job is done by leaving admin as your default username!

2. ALWAYS BACK-UP your site(s). Whether they are HTML, Flash, Joomla or WordPress - use appropriate plugins, components, security based web services, etc.! Do not underestimate the backup process of your database and site as a whole!

Here are the plugins I am using to avoid my WordPress CMS site being hacked:
1. Limit Login Attempts - easy to use WP plugin which will limit the rate of login attempts, including by way of cookies, for each IP. It is also fully customizable.

2. WP Database Manager - always make a weekly or monthly back-up of your DB! The plugin also allows you to e-mail the backed up Database!

3. Do not use passwords which are really easy to guess! Like: "admin," "qwerty," "123456" and "password" instead use capital letters, numbers, signs such as #&$*%^@ etc. Again - do not help hackers with their job!

At the end - be always prepared!

answered by user matthew44
edited by user golearnweb
+2 votes

Read more about Brute-Force attacks here - https://en.wikipedia.org/wiki/Brute-force_attack

answered by user richard8502
edited by user golearnweb
+1 vote

Here is a video from Google team (explaining about malware):


answered by user andrew
edited by user golearnweb
+2 votes

This article is a nice one for your wp security issues - https://www.dailyblogtips.com/wordpress-security-mistakes/

And this one: https://www.myoptimind.com/10-ways-to-improve-wordpress-security/

I hope it helps you in some ways.

answered by user ilinkthreesixty2
edited by user golearnweb