I’m seeing reports all over today about the massive hacks and brute attacks that are spreading throughout the world and taking out servers and wordpress sites. It’s easy to see these articles and hope for the best, but instead you should be taking action.
Here are a few of the articles making the rounds:
- Mass WordPress Brute Force Attacks? – Myth or Reality
- Global WordPress Brute Force Flood
- WordPress Hack Alert – April 2013
As you can see, it’s getting pretty nasty and the coverage is all over the place.
Here’s what you can do to bring in some extra precaution to keep your blog safe.
1.) Change Your Passwords
Obviously the best thing you can do is change your password to something very complicated. Use capital letters and a mixture of numbers. The more characters the better. This is software going through millions of passwords, not someone trying to guess it!
2.) Change Your Login Name
As a default you are setup with the username of “admin” for wordpress. Changing your login to something more complicating will definitely help increase your chances of not getting hacked.
3.) Install “Limit Logins Attempt” Plugin
There is a cool plugin that Don Schnure recommended and it’s called “Limit Logins Attempt“. It does exactly what it sounds like… if you try to login too many times with the wrong information, it will lock you out.
4.) Get Backup & Security Services Setup
Lastly, the best thing you can do to keep yourself safe is to make sure you always have a recent backup of your blog and a security system in place. I use VaultPress and Sucuri. Between the two of these teams, I am very confident about the security and future of my sites. I also recommend you take a look at CodeGuard and BlogVault.
Lots of bad stuff going on out there right now and many people are losing their sites and data… make sure you take action now before it’s too late!