Recently there has been a spate of distributed <span id="urn:enhancement-aa3e88a9-f945-474f-42c9-92302c69767c" class="textannotation disambiguated wl-thing wl-no-link" itemid="http://data.wordlift.io/wl0226/entity/brute-force_attack">brute force</span> attempts against <span id="urn:enhancement-6abb5a1b-62ca-43be-2435-263c328ed2b9" class="textannotation disambiguated wl-thing wl-no-link" itemid="http://data.wordlift.io/wl0226/entity/wordpress_2">WordPress</span> websites.
The way this works is, a network of "drones" attempt to log into your WordPress website using common usernames and passwords.
If you have an obscure username/password combination, you're most likely safe from this type of attack, but why take the risk? Follow our simple steps below to secure your directory using cPanel.
Log into your cPanel account:
Under the "Security" heading, select "Password Protect Directories":
A screen will popup, select the www/public html directory and click "Go".
On the next page, click on your 'wp-admin' directory.
Now fill in the details:
Click on Add/Modify authorised user, the page will re-load and the user will be listed. Tick the "Password protect this directory" box and give the login area a name - ie, WordPress Admins Only. Click on save.
Now when you visit your WordPress admin area you will be prompted for a username and password BEFORE you can access the WordPress login page:
Now, if someone wants to access your WordPress admin, and has somehow got hold of your password, they will need a seperate login to be able to access your login page, without having both username/password combinations they can do nothing.
Do you have any other WordPress security tips? Share them with us in a comment below.
Truth be told, it’s difficult for a web application that doesn’t have some kind of identification, even if you don’t see it as a security measure in and of itself. The Internet is a kind of lawless land, and even on free services like Google’s, authentication ensures that abuses will...
Although data persistence is almost always a fundamental element of applications, Node.js has no native integration with databases. Everything is delegated to third-party libraries to be included manually, in addition to the standard APIs. Although MongoDB and other non-relational databases are the most common choice with Node because if you...