WordPress sites have lately been the target of “brute force” hacking attempts, which is where the hacker basically tries a million passwords until they guess correctly. Today I will show you a quick and easy tweak to prevent that, using the “Limit login attempts” WordPress plugin.
For more WordPress training, check out my step-by-step WordPress course at http://artisteertutorial.com/wordpress-training/.
Hi Zach,
I have been using a better plugin which has those features built in.
This plugin will help you configure your site securely but to those that don’t really know wordpress, they will need to know a little bit (Watch Zach’s WordPress Videos) as it can mess up plugins if you make your site too secure ie read/write access etc.
Here it is:
Plugin name: Better WP Security by Bit51
What are some of the things it offers? (top 3 features, in your opinion)
Very useful plugin. Its also handy to remove the default ‘admin’ user and create your own user. Even better would be to create a random named user used only for admin purposes – all other users should be standard users only.
Rather than random bonkers names (eg, ‘5%4rf8JN’) which are impossible to remember, I’d recommend two unrelated words, eg, lemon and monitor, so the user would be lemonMonitor. The advantage of this is its easy to remember, but isn’t a dictionary word. Useful for passwords too.
The theory is, if the ‘hacker’ can’t find your admin username, then they can’t break into it either.
Nice, thanks for the tip Chris!
Zach, your information about the lockout plugin may come in handy for those who have used weak passwords or the default “admin” user name. You might want to add that an even better method to protect against these brute force attacks is to use a complex password, and non-default user name.
I think I’ll be installing the plugin just so I know when the brute force login attempts begin to die down.
For sure. But it’s still super-fun to know you’re hack-worthy, if nothing else. ๐
Great Video … Thank you!
It never occurred to me that any of my blogs would be of interest enough for someone to try and hack into them. Perhaps they have tried without success so far.
I am curious enough to check it out and see … so I will be installing this plug on a political site that I own. It appears over the past 5 years that sites is closely monitored by the government … LOL
Apparently this particular Administration is not warm and fuzzy about anyone who opposes them ๐
Lol, we will try to not go down that road of discussion. ๐
Hope you enjoy the plugin!
Zach, thanks very much….that was awsome…I had someone hack me the first time I put up the site….i purchased Akismate, which helped….
Got a question in reference to Artisteer….How do i know the write size of the blog , or widget…I like to place a photo in the widget space but the photos do not come out the same size as the widget….I like it to be perfect …instead of being off….Let me know….Contacted Artisteer and there explanation sucked…Mike
I suggest previewing it in the chrome browser and inspecting the code of the inside of a widget. When you hover over it, it will display its size in pixels. Here’s my free “CSS crash course” that shows you how to inspect code: http://artisteertutorial.com/free-css-crash-course/
Hey Mike,
I have always needed odd image sizes while designing my sites. A great “FREE” tool is PixelWindow. Its simple and very easy to use, and don’t forget the price.
http://www.pixelwindowapp.com
(BTW another awesome video Zach)
Seems like a cool tool!
I thought that was awsome…
I should really try this and see what happens!
Thanks, Zach!
Very Cool Zach,
I was just about to search for something to do just that. Now I don’t have to worry about it.
Thanks,
Another Cool Video by Zach.