WordPress breakins thwarted with Login Lock

July 14, 2012

Computers, Security, Website

 

I installed a Plugin called Login Lock by Mark Edwards and I’m so glad I did.

Login Lock is doing a great job protecting my sites and letting me know what IP address is trying to break in to my site.  On one of my other sites, I’m getting more attempts to break in every week.  Right now I only have one user on this website.  If someone attempts to login they need to know the username and password.  The default username is Admin.  However, I have changed the username on all my websites from Admin to, well… something else, and I would suggest you do the same.  After a few unsuccessful attempts to login, the Login Lock plugin disables access from that particular IP address and sends a message like the following:

This notice is to inform you that someone at IP address 88.99.999.999 tried to login to your site  and failed.

The targeted username was Admin

The IP address has been blocked for 120 minutes.

 

As you can see the person trying to break into my site was counting on the fact that most people do not change the default username (Admin).  Once I get this message, I block that IP address from ever connecting again by using the IPdeny tool in Hostgator’s CPanel.

So, change your WordPress username and always have long passwords on all your accounts.  I would suggest 14 characters at least on all your passwords, whereever you use them.  Also, your password should contain UPPER CASE and lower case characters as well as numbers and special characters.

Let me know if you have any questions or comments.

, , ,

No comments yet.

Leave a Reply