Word. Press › Support » Disturbing login hack attack using real usernames. The real user names are visible at the top of every page and post, right next to the date. Just mouse over the displayed name and look at the URL. It's right there. There is a LOT of login attacks on wordpress sites this week, it does not necessarily mean that you have been recently compromised. BTW, login attacks like this will not only try "admin", they will also use the name of the website too, so also avoid that choice, and any related names, for your admin username. HI Anshul, Thank you for your comments. Of course there are many other ways how one can hack WordPress but this article is specifically focusing on this particular. . using an actual domain name for a WordPress site. WordPress Hack Reveals Admin Login Name You have to go into the database to fix this. Big News [April 24th, 2012]: I’ve launched Wordfence to permanently fix your WordPress site’s security issues. Click here to learn more. I’m getting emails from. Presented by Daniel Kanchev. 8 Ways to Hack a WordPress website 1. 8 WAYS TO HACK A WORDPRESS SITE WordCamp Porto 2013 Daniel Kanchev. To that end if you want to hide the admin user name, and ensure that current attacks can't get in, don't publish a post with admin as author. If you like, you can create another user account (as contributor, say, thus limited capabilities even if the account is compromised) and assign any posts previously published by the admin to that user. Then create a new user account with an unguessable user name and a secure password. Make it an administrator. Log in with that account and delete the original admin account. Any posts authored by that original admin account will be reassigned to an existing author (you get to choose which one). Of course if your passwords are strong you have little to worry about from login attacks. The attacks that I'm seeing are using a standard list of common weak passwords. With some time and thought, you can choose a very strong password that is easy to remember. It is very worrying when you see attacks try a real existing user name but if the password is strong, it doesn't really matter.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
October 2016
Categories |