brute force attack

If you have been seeing the markedly increased amount of activity and alerts surrounding a newly reported wave of brute force attacks against WordPress websites, good for you! That means you are one of the people who are finely tuned to important news about your most important marketing and sales tool.

If you have not seen these alerts yet, fret not. It is never too late to take preventative measures against a brute force attack on your website. However, the timing of this particular post has been predicated on the increased sense of urgency to make sure we are all using the available, and often times free, WordPress plugins that are designed to prevent a successful attack.

As a first line of defense, I am recommending you immediately install a tried-and-true WordPress security plugin called Lockdown. It’s free.

I was made aware of this tool by a trusted friend and professional in the business, Tristan Denyer. I don’t know about you, but when somebody I know has already used a plugin or a theme or other useful tool, and then recommends it, it hold extra weight with me. Such is the case with Lockdown. Tristan had already been using this in his clients’ websites and was kind enough to pass along his experience to me.

The Lockdown plugin was updated within the last 6 months (good!)  and is currently compatible up to WordPress version 3.5.1. Here is the basic premise of what it does to prevent a successful brute force attack on your WP login page:

If a user enters the incorrect login information more than a set number of times (i.e. 3, 4 or 5), they will be locked out for specified period of time and not be able to login again. The length of time that they are locked out can be adjusted from the plugin settings area.

Lockdown your site today. It is an easy process and a must-do to protect your website investment on the integrity of your online presence.

Stay tuned for a few more upcoming posts, more detailed and with more free tips and tools for you to use during this latest wave of reported botnet attacks on WordPress-based websites.