Wordfence have recently published a post that explains, in simple layperson’s terms, what a ‘brute force attack’ on a website is, how it can happen, and what it might be trying to achieve. It also gives the very simple steps you can take to secure your site against this kind of attack. Simply put: don’t have administrator-level accounts you don’t need; avoid using obvious usernames for them (if you have a user account named ‘admin’, it is a security risk, and you may want to consider deleting that account – but don’t forget to create a new account for yourself first!); and make sure all your users have strong passwords.
All of these things make your site much, much less vulnerable, and I can’t stress them strongly enough – in my regular checks on all the sites, I see that there have been thousands of password attempts made on some of them, which can be quite scary! I work hard to do what I can to help keep your sites secure – we have great hosting, we install and configure Wordfence defences on all of the sites, and I manually check your site myself on a regular basis, to make sure that your software is up to date (please update your software whenever you get an update notification!), and to see what level of attack your site has been subject to, and what I can do to prevent further similar attacks. It really is happening right now – bots are probably trying to access your admin-level dashboard as I am typing this – and there are very simple steps you can take to deny them access.
Ok, I’ll stop ranting about it – here’s the article: https://www.wordfence.com/learn/brute-force-attacks/. It’s very interesting, and explains things really clearly.
Don’t forget, if you want any help with security-related things for your site, please feel free to contact us at iChurch.
- You must be logged in to reply to this topic.