hacks

Secure your blogs from brute force attacks before it's too late

by
published on
[For word press blog authors only] Sharing my personal experience: I usually keep a very close eye on my blogs access status. Recently found out some disturbing activity on my blog access log. Some one was trying to access the admin console of my website. Going through more logs figured out that it was a Bruit force attack constantly going on on my blog. Check the visual report of few days back.
20140209-005020.jpg
There was almost 700+ unsuccessful attacks logged in my blog log! I AM SCREWED! [Do you think your blog is secured and no one is trying to knock it off.. How about installing a activity monitor and see it yourself!The one i used above isĀ ThreeWP Activity Monitor ] I immediately took a backup of the site and first thing I tried was change my password to a very secured one. Then I moved my wp-admin page to a different URL! Attacks were not reduced. Site has became slow now because of such huge number of hits! I was super PANICKED! I even contacted my ISP and they said they don't know what to do. Somehow I was not surprised. By this time it was couple of days and I had around 30 pages of invalid attempts log! I was trying all possible solutions over interent, changing the access page, adding captcha on admin login, account lock bla bla bla. Nothing seems to stop this attacks! Finally help arrived from a guy in reddit! Got a plugin called BruteProtect. This company made a clever plugin and was a real lifesaver! These guys figured out that the hackers who try to access the sites are randomly choosing websites and trying to BANG them. So they created a simple plugin which would find out all the IP address which we're trying to make invalid attempt on various blogs. They will log this data from various blogs across the globe and blacklist those IPs. When some one with these IP address tries to access the website they will simply block the webpage to even show up!
Screenshot_1
It may sound a simple idea but I salute to the guys behind this! Just after installing this plugin, finger crossed , I have 0(ZERO) attacks still now! So if you are a independent blogger make sure you keep a close eye on the activity log and use these plugins to keep your data safe!