What's New
Off Topix: Embrace the Unexpected in Every Discussion

Off Topix is a well established general discussion forum that originally opened to the public way back in 2009! We provide a laid back atmosphere and our members are down to earth. We have a ton of content and fresh stuff is constantly being added. We cover all sorts of topics, so there's bound to be something inside to pique your interest. We welcome anyone and everyone to register & become a member of our awesome community.

Wordpress Brute Force Attacks

netsavy006

Im Andy
Member
Joined
Jun 17, 2010
Posts
527
OT Bucks
1,412
If you own a wordpress blog/site, you will want to watch this video done by Lisa of 2createawebsite.com about brute force attacks and how to secure your blog today:

www.youtube.com/watch?v=MS-OSKT4Xyc
 
I knew about this but I have a really long, strong password so I wasn't too bothered. I have now however installed that plugin. Cheers.
 
KaPOWitsCHRIS said:
I knew about this but I have a really long, strong password so I wasn't too bothered. I have now however installed that plugin. Cheers.

Well, they always say you can never have too much protection! So honestly, the more you have in terms of protection, the better off you are. . Usually.
 
I rarely blog, and when I do it's on Blogspot. Nothing important though, and it uses a throwaway email address, as well as a different password. That said, I'm skeptical. Doesn't it seem odd for them to say in one breath hey, there's an exploit to get into your account! INSTALL THIS RANDOM SOFTWARE NOW!

Maybe that's how they get you. Or maybe I'm just far too paranoid.
 
◢Dagger◣ said:
Maybe that's how they get you. Or maybe I'm just far too paranoid.
I can't say the thought didn't come to mind, but the plugin is hosted on the Wordpress site and you can freely read through the code so...
 
Here's an interesting story.

Over the past few weeks someone or perhaps multiple people have been trying to hack into my website. I was still using the default 'admin' username when it first began but they weren't trying that account so I changed it to be on the safe side. Anyways now they are trying to login with 'admin' but of course that account no longer exists so they've still got to guess my username before they can even get close to my password. Plus they keep getting locked out after every 3 failed logins.


It's hilarious to watch though cos I get emails every time they get locked out. I want to ban them from accessing my site but the IPs keep changing so they're using a proxy or VPN making it impossible for me to keep them away. Regardless, I am safe sort of thanks to this thread :)
 
Back
Top Bottom