Brute Force Attacks On WordPress Sites
There is an attack on WordPress sites which means sites can and are being hacked. The intent of this Brute Force Attack is to find and compromise WordPress sites with simple passwords. More information on this in Forbes. The first thing you need to do is to secure your WordPress site by changing any site that you have with an easy login and especially a login with the word “admin” as the login.
Secure Your WordPress Site
First-check to see if you have a username “admin” in your users profile.
If You Have a Username “admin”
- Create a new user with administrator privileges.
- This time choose a very secure username and password. (store it somewhere safe)
- Exit out of your site
- Sign in using your new username
- Delete old “admin” username – IMPORTANT – be sure to assign all of posts to new user.
Next Steps To Keep Your WordPress Site Secure
Always Have a Back Up
Backing up your site has always been a good option but with hearing about this new attack on WordPress sites and that we may be vulnerable to being hacked it makes backing up your sites higher on the priority list. It would be nice to think I was prepared for this… Options:
- BackUp Buddy is a great plugin that will back up right now or as scheduled. Affiliate link BackUp Buddy
- WP DB back up plugin- this plugin will back up your data base
- BackUpWordPress – another plugin which I have been told about but have not yet used.
- Maintenance Package – If you do not want to hassle with this yourself check out our service that will back-up your site for you along with other necessities.
Delete and Update
This is not for the Brute Force Attack but in general to be as safe as possible delete unused plugins and themes and keep them up to date.
More Options for Security
If you are still worried about your site you can find
- Security Plugins
- BlueHost offers CloudFare
If you have any suggestions please send them in the comment s below. Thank you!