TechyTrois
  • Home
  • Our Services
  • Blog
  • About Us
  • Contact us
  • Client Login
Select Page

Brute-force attack against WP-login page ?

by admin | Jul 9, 2014 | General, OpenSource, Servers | 0 comments

Bruteforce attack against wp-login.php is very common issue and
many users has been affected by this. In this scheme of attack,
the attacker is brute-force attacking the WordPress administrative
portals, using the username “admin” and trying thousands
of passwords using any configured botnets.

– In order to secure your WordPress against the attack, you might
consider the following :

* Changing the administrative username from the standard
‘admin’ to any less obvious ones.

* Upgrading the password to a much stronger one,
perhaps around 10 or 12 characters.

– There are also some plugins which can be used to limit the number of login attempts made on your site, or block people from accessing
wp-admin.

–> https://wordpress.org/plugins/limit-login-attempts/

– You can also use .htaccess rules to deny the connections from any
unwanted IP’s and allow just your’s. If you have a static IP, you can
give it or if it is a dynamic one with a common range, specify
it using the netmask.

Contents of .htaccess file may look like :

order deny,allow
allow from x.x.x.x ( 

– You can also use mod_security if its enabled with Apache configuration.

Submit a Comment Cancel reply

Recent Posts

  • Setting up Varnish in WHM – Cloudlinux Server
  • Simple backup script to offload WordPress daily backups to a remote server/storage
  • Virtualmin – not able to add more than 10 accounts !
  • VestaCP – Exim and dovecot issue
  • [proxy_http:error] cPanel creating Apache Proxy loop on Account transfers

Categories

  • Android
  • Apache
  • aws
  • cPanel/WHM
  • DNS
  • Firewall
  • General
  • IIS
  • Linux
  • Mail service
  • Microsoft Windows
  • MySQL
  • OpenSource
  • Plesk
  • Servers
  • SQL
  • SQL Server Management Studio
  • SSH
  • SSL
  • Ubuntu
  • Virtualmin
  • VMware
  • Windows 10
  • WordPress

Pages

  • About Us
  • Blog
  • Contact us
  • Home
  • Our Services
  • Our Services- INR
  • Privacy policy
  • Refund Policy
  • Terms and conditions

TechyTrois






 

Privacy Policy

Terms and conditions

Refund policy

© TechyTrois 2020-2021