Keeping your WordPress Blogs Speedy & Secure

BotNet attacking WordPress hosts with brute-force password attempts

Ars Technica reports a BotNet with 90,000 IP addresses is trying to brute-force WordPress installs via password guessing.
BlogSec.net recommends performing the following steps immediately to protect your sites from getting hacked:

  1. disable or rename default admin accounts (replace them with different name-based accounts with strong passwords)
  2. limit the number of admin / network admin accounts
  3. install a plugin such as Limit Login Attempts

Pass-Phrase advice cartoon

Comments are closed.