More threads by Dan Foland

Dan Foland

SEO Director at Postali
Local Search Expert
Joined
Sep 25, 2018
Messages
110
Reaction score
137
The past week or so I've noticed a higher than usual amount of Brute Force attacks.I'm curious if it's just me or if others are experiencing the same thing? Fortunately our developers and security tools are great at blocking them.
 
I'm not sure I've seen an increase in attacks: they are pretty much a constant for WordPress sites.

This is a pretty good comprehensive guide to WordPress security: WordPress Security: The Ultimate Guide to Secure Your Website in 2018

And this is a guide to security plugins: 14 Best WordPress Security Scanners for Detecting Malware and Hacks

My personal choices for must-have security plugins
Also, never use the default Admin account. Set up a different name for the account and then delete the one named Admin.

Additionally, set up daily site backups, malware scans (ClamAV Scanner), cPHulk Brute Force Protection, and ConfigServer Security & Firewall if you can with your hosting and available resources and drive space.
 
To answer the original question posed by @Dan Foland
The past week or so I've noticed a higher than usual amount of Brute Force attacks.I'm curious if it's just me or if others are experiencing the same thing?

I have not seen an increase in attacks, but that's not surprising to me for two reasons:
  1. Attacks are now a constant with WordPress websites, as @djbaxter said.

  2. I don't need to manage or watch over security for my websites because virtually all of them are hosted at WPEngine. WPEngine takes care of all of that for us.

    I have been a WPEngine customer since 2013 and we have never been affected by any attempted attacks on our websites there. WPEngine is far from being the least expensive hosting service, but they fulfill my number one criterion: they are like dialtone.

    Let me explain: they are always there, working correctly, taking care of many, many things that I would otherwise have to take care of myself. I don't have to manage them, I don't have to measure their performance, I don't have to wonder whether I need to check up on them. They just always work. For me, at least.
That's my experience, anyway.
 
I suggest always running a parallel copy of your site in WAMP. That involves migrating your database to a local URL and copying the updated plugin folders from your live server to your WAMP server.

I just like to see that my database backups are "good". I want to see a copy of my site offline, since WordPress sites are always under attack when they're online.
 

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

Events

LocalU October 2024 Webinar

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Top Bottom