You are likely familiar with WordPress, if not well – interesting 😉 anyhow, you may also have heard about the recent attacks on wordpress blogs by a worm like virus/malware? Attacks on WordPress installations is not something new, it has always been there as it’s such a popular platform however time has revealed some not so smart features with wordpress security, one thing is that you can try to log in as many times as you like without any action being taken – hence there is nothing to stop a brute force attack on your wordpress installation’s login!?
Well Wordfence to the rescue, a simple plugin you install on your wordpress installation that all of a sudden offers you a ton of cool security features, I will just mention a few here – for the complete listing visit their website..
- Login limiter – limit how many incorrect passwords/usernames are accepted
- Site and theme scanner – scan your wordpress blog for changes
- Block unwanted IP’s from accessing your site
- Manage crawlers (search engine index bots)
- and many many many more cool features
You can define what the reaction to different attacks, eg. block IP/Lock account for xx min/throttle traffic.
Now a thing like that must cost a fortune you say!? well no, there is a TOTALLY FREE version with basic functionality (enough for most I would say) and the deluxe version which cost a bit.
Now after adding this you should also add Two Factor Authentication, eg using “WordPress Google Authenticator Plugin” – http://wordpress.org/extend/plugins/google-authenticator/screenshots/ Or one of the other TwoFactor authentication solutions out there.
So, what are you waiting for 🙂 protect your WordPress blog now 🙂