Wordpress bruteforce attack

[markp]

There is an ongoing and organized attack on wordpress sites globally and in the last 24 hours the attacks have escalated significantly with a massive number of IP addresses now involved in this. I have seen a ton of sites compromised since yesterday alone and lots running slow or failing to open. Lots of sites have also been hacked with hundreds of links embedded in them to spam sites, then hidden so only the search engines can see them and many users are unaware they have been hacked.



If you have a site running wordpress I would change your default login from admin and use a secure password using a secure password generator (google it) which you should do anyway. There are other steps you can take but this will go a long way to stopping this from happening to you by using a secure password that is not going to get brute forced.

[musiclover]

Oh god! Thanks Mark!

[musiclover]

Oh god! Thanks Mark!

[musiclover]

Reply to @vedmak: I just did a search on google and all I could find was a plugin called Roots Hide WP. Is that what you use?

[musiclover]

Reply to @vedmak: oh okay. Thanks.

[musiclover]

Reply to @vedmak: oh okay. Thanks.

[markp]

@musiclover there are free plugins available that are pretty good as well

[markp]

@musiclover there are free plugins available that are pretty good as well

[musiclover]

Reply to @markp: Really? I couldn’t find any. Do you know the names? I could only find articles on different ways to do it manually, but honestly I don’t want to start messing around with the coding.

[musiclover]

Reply to @markp: Really? I couldn’t find any. Do you know the names? I could only find articles on different ways to do it manually, but honestly I don’t want to start messing around with the coding.