Is Your WordPress Blog Wearing Protection?

Donna — Wed, 29 Aug 2007 16:25:26 +0000

The WordPress admin is fairly vulnerable to hackers. Hackers know where the admin is; they know the username for the admin is usually “admin”, so that only leaves one problem – the password. For a hacker, that’s not a really big problem. Just run a brute force attack and in a matter of time, there’s a good chance of figuring out the password and logging in. What comes next? Anything the hacker wants, including destroying the blog you’ve worked so hard on.

A good friend of mine just finished creating a WordPress plugin called Login LockDown that aims to make that task much, much more difficult for a hacker. The plugin records makes a record of the IP address every time someone attempts to login to the WordPress admin. After 3 unsuccessful tries (number is configurable), the IP address is locked out from any further attempts for an hour (also configurable). You, the admin, can unblock an IP if needed.

I installed the plugin and it installed without a hitch. I then tested it, and it worked flawlessly.

I HIGHLY recommend that everyone install this WordPress security plugin to prevent any problems with hackers taking over your blog.

© Donna for DazzlinDonna, 2007. | Permalink | 2 comments | Add to del.icio.us
Post tags: admin, hackers, login lockdown, plugin, protection, security, vulnerability, WordPress
This feed is for personal non-commercial use only. If you are not reading this in your news aggregator/reader or on DazzlinDonna, then the site you are looking at is probably infringing upon my copyright.

DazzlinDonna » protection

Is Your WordPress Blog Wearing Protection?