Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

All code examples must follow the Markdown rules as this site uses Markdown. If you don't know how, click here for a tutorial. Any code examples not using Markdown will be deleted.
All code examples must follow the Markdown rules as this site uses Markdown. If you don't know how, click here for a tutorial. Any code examples not using Markdown will be deleted.

Wordpress!

A number of our smaller websites are based on WordPress and I thought I would start a thread in regards to things we have seen and tips I have picked up.

Over the last several years as some of our sites grew in popularity I have noticed more unwanted attention and attack attempts. Some of those attempts were successful and we lost sites (ALWAYS HAVE BACKUPS). I am not sure of the intent of the attacks but it seemed to me that it was just to take us offline as the sites were basically deleted and no data was taken.

I found since installing the plugin WordFence that all of these and other attempts have stopped - so I highly recommend you look at it for any of your WordPress based sites.

data66

Comments

  • I'm using Jetpack on ours. https://jetpack.com/ .

    Thanks for posting this as it will help others looking. Hackers do stink.

    Zixia604
  • We use Jetpack as well - it does not protect to the extent that WordFence does

    data66
  • @Zixia604 said:
    A number of our smaller websites are based on WordPress and I thought I would start a thread in regards to things we have seen and tips I have picked up.

    Over the last several years as some of our sites grew in popularity I have noticed more unwanted attention and attack attempts. Some of those attempts were successful and we lost sites (ALWAYS HAVE BACKUPS). I am not sure of the intent of the attacks but it seemed to me that it was just to take us offline as the sites were basically deleted and no data was taken.

    I found since installing the plugin WordFence that all of these and other attempts have stopped - so I highly recommend you look at it for any of your WordPress based sites.

    I think that for the most part you will find it is spotty face skiddies (script kiddies) trying to crack sites for the he'll of it, if it was deleted then, they must have had access to ftp of cPanel I would think, so I would take a look at your computer for malware or assess what ftp client you've been using.

    However, to completely delete a site, rather than pwn it does seem to indicate that maybe one of competitors wanted you gone.

    As for wordfence I can also +1 that... even the free version is enough to keep most of them pesky skiddies at bay.

  • Wordpress need to add a way for site owners to easily change the admin url. At present I think you need a plugin for this. This would be a good start because everytime I see an attempt to get crackling my site, the first port of call is. mysite.com/login.php

    Kirkus
  • That would definitely be a plus. vBulletin has a setting that does just that - it allows you to change the admin control panel URL.

Sign In or Register to comment.