Is Your WordPress Blog Wearing Protection?
The WordPress admin is fairly vulnerable to hackers. Hackers know where the admin is; they know the username for the admin is usually “admin”, so that only leaves one problem – the password. For a hacker, that’s not a really big problem. Just run a brute force attack and in a matter of time, there’s a good chance of figuring out the password and logging in. What comes next? Anything the hacker wants, including destroying the blog you’ve worked so hard on.
A good friend of mine just finished creating a WordPress plugin called Login LockDown that aims to make that task much, much more difficult for a hacker. The plugin records makes a record of the IP address every time someone attempts to login to the WordPress admin. After 3 unsuccessful tries (number is configurable), the IP address is locked out from any further attempts for an hour (also configurable). You, the admin, can unblock an IP if needed.
I installed the plugin and it installed without a hitch. I then tested it, and it worked flawlessly.
I HIGHLY recommend that everyone install this WordPress security plugin to prevent any problems with hackers taking over your blog.
Tags: admin, hackers, login lockdown, plugin, protection, security, vulnerability, WordPress
Share and Bookmark This Post
An ebusiness coach, web developer, Internet Marketer, SEO, and all around web geek who makes her living from home doing all of the above.
Great tip; thank you. I have installed and am now using the plugin.