Thursday, April 18, 2013

How to protect your WordPress from attack?

An ongoing attack on WordPress-based websites has compromised more than 90,000 blogs, but there are simple ways to make sure your blog won't be the next to fall. Brute-force attacks, as their name would suggest, are some of the least sophisticated hacks out there, rapidly cycling through common directory names, passwords and IP addresses in order to access private files through sheer dumb luck. The bad news is that such attacks happen to WordPress blogs tens of thousands of times per day; the good news is that stopping them cold is simplicity itself.

A security firm called Sucuri examined the data logs from its own WordPress blog and discovered that between December 2012 and April 2013, hackers had launched almost 5 million brute-force attacks. The attempted hacks used very predictable patterns. To log into protected accounts, the hackers tried five usernames in overwhelming numbers: "admin," "test," "administrator," "Admin" and "root."

The 90,000 WordPress blogs that got hacked and roped into joining the attacking botnet generally possessed easy-to-guess usernames or passwords, and their takeovers most likely could have been prevented with some creativity. If you use common usernames or passwords for WordPress login credentials, or for any other information you store on the Web, simply changing them to something uncommon will prevent the vast majority of brute-force attacks. Making them hard to guess will render you all but immune.

One interesting bit of data that Sucuri gathered involved "common" passwords that didn't appear to be common at all. The attackers made thousands of brute-force attempts with passwords such as "#@F#GBH$R^JNEBSRVWRVW" and "RGA%BT%HBSERGAEEAHAEH." These strings of letters and symbols do not appear to have any kind of pattern, yet are too consistent and repetitive to be truly random.

Both the Sucuri experts and the commenters on its blog posting were stumped, and feared that brute-force hackers might know something they don't. Our own efforts to discover the root of these supposedly common passwords came up dry. After breaking down the character strings into a binary code of 1s and 0s, we tried to translate them into other character formats, hoping that the passwords might mean something in non-Latin alphabets. Nothing recognizable came up.

Brute-force attacks, though, are very easy to avoid. If you're going to get hacked, at least make sure that the attacker has to put some effort into it.
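A defender-side check for the pattern described above, added here as an example and not taken from Sucuri or WordPress: it tallies failed logins against the five usernames the article names, flags source addresses with repeated failures, and lists local accounts that use one of those names. The log format, the sample lines, the threshold and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

# The five usernames the article says attackers tried in overwhelming numbers.
TARGETED = {"admin", "test", "administrator", "Admin", "root"}
# Assumption: names are compared case-insensitively, so "Admin" folds to "admin".
TARGETED_FOLDED = {name.casefold() for name in TARGETED}

# Constructed sample lines in a hypothetical login log format (not real data).
SAMPLE_LOG = """\
2013-04-12T10:00:01 login_failed user=admin ip=203.0.113.7
2013-04-12T10:00:02 login_failed user=test ip=203.0.113.7
2013-04-12T10:00:03 login_failed user=administrator ip=203.0.113.7
2013-04-12T10:00:04 login_failed user=root ip=203.0.113.7
2013-04-12T10:05:10 login_failed user=jacqueline ip=198.51.100.20
2013-04-12T10:05:30 login_ok user=jacqueline ip=198.51.100.20
2013-04-12T10:07:00 login_failed user=Admin ip=203.0.113.9
malformed line that the parser must skip
"""

LINE_RE = re.compile(r"^\S+ login_(failed|ok) user=(\S+) ip=(\S+)$")


def parse(log_text):
    """Yield (status, user, ip) for well-formed lines; skip anything else."""
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            yield match.groups()


def summarize(log_text, ip_threshold=3):
    """Count failed logins per targeted username and per source address."""
    by_user, by_ip = Counter(), Counter()
    for status, user, ip in parse(log_text):
        if status != "failed":
            continue
        by_ip[ip] += 1
        if user.casefold() in TARGETED_FOLDED:
            by_user[user.casefold()] += 1
    noisy = sorted(ip for ip, n in by_ip.items() if n >= ip_threshold)
    return {"targeted_attempts": dict(by_user), "noisy_ips": noisy}


def risky_accounts(existing_users):
    """Return local account names that match the attackers' username list."""
    return sorted(u for u in existing_users if u.casefold() in TARGETED_FOLDED)


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
    print(risky_accounts(["editor", "Admin", "root", "jacqueline"]))
```

Any name returned by `risky_accounts` is a candidate for renaming, and any address in `noisy_ips` is a candidate for rate limiting or blocking.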

10 comments:

Jacobus said...

5 million brute attacks? I have been reading several stories now in the last few days about these attacks but I had no clue we were talking millions here. But I must say also the solutions vary and I have seen solutions which make it practically impossible to log in yourself! :-) I have had my share of attacks in the past few years but lately I have no problems anymore I must say. Let's hope it stays that way. Thanks for the explanation about the attempts with the very unusual passwords. I had no idea it was all so crude what they were doing and just based on dumb luck. That makes me sleep tonight! :-)
