What is Brute Force Attack and how to protect your WordPress site?

zwol

New member
Registered
Joined
Apr 21, 2016
Messages
4
Points
0
You may be familiar with Brute Force Attacks if you use WordPress because this form of attack is always aimed at the common open source. What exactly is this method of attack? What is the harm of it, and how to prevent Brute Force Attack? Let's answer those questions now.

Protect-Your-WordPress-Site-From-Brute-force-attacks.jpg

What is a Brute Force Attack?
Imagine a hacker holding a huge list of common usernames and passwords. They use these lists to send continuous attempts to log into your wp-login.php. If the accounts are wrong, it will skip the next and try another account. Their script will continue this process of trying every possible combination until they eventually gain access to your system. This method is often used to detect and gain access to the administrator account.

This is a brute force attack.

When are you susceptible to brute force attacks?
This form of attack is easy to prevent but these attacks are also commonly successful, if you do not protect your WordPress sites. Often you will be vulnerable to this type when:
You set the username as admin, administrator or similar.
Password is not secure, easy to guess, or your using popular password.
No security log path.
Do not change your password regularly.

How to prevent a successful Brute Force Attack?
To decrease the chances of a hacker successfully gaining access to your WordPress site by brute force attack, use the following checklist:
• Username is difficult to guess.
• Password length, strong, special characters, and is not related to the personal information.
• Limit the number of failed log.
• Secure log path.
• Change passwords regularly.

So if you need to protect yourself against brute force attack, we encourage you to use the following plugins:

Better WP Security Hides your log path and limits the number of incorrect login attempts.
Login Security Solution Makes it mandatory to use strong passwords, change passwords periodically, and also limits the number of login attempts.
BruteProtect - Block bad IP queries and brute force type data.
Limit Login attemps - simply limits the number of failed logins.
If you want more security, you can use KeyCaptcha to add a photo based Captcha to your login area.

Summary

Brute Force Attacks are very popular today, especially aimed at WordPress sites because WordPress account for 19% of websites world wide, while the other open source CMS's like Joomla & Drupal ccount for only 3 to 4%.
Make sure your website is protected against Brute Force Attacks to limit the likely hood someone can access your administrator account!
 

Attachments

Dedmoi

New member
Registered
Joined
Oct 24, 2017
Messages
11
Points
0
As far as I know brute force it is trying to find the code/password it contains letters and numbers.Usually hackers uses this one to invade the privacy of someones account.In terms of your wordpress site as long as your password has letters and numbers and it has 8 and above content brute force takes 100 of years just to determine exactly your password.
 
Older Threads
Replies
2
Views
3,896
Replies
1
Views
2,176
Replies
1
Views
1,919
Replies
84
Views
35,478

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top