Prevent Hackers Targeting Me

15 replies
Hi All,

I have a website that isn't very popular or big, but for some reason it has become a massive target for hackers (what I believe are hackers, anyway).

I have WordFence installed, and for about the last 2 weeks, every day without fail, someone is trying to log in to my Admin account.

I've reverse searched the IPs trying to connect and they are generally from China, Russia and Vietnam.

Is there anything I can do to put them off?

Thanks,
Alex.
  • Profile picture of the author laurencewins
    Disconnect from the internet permanently. That's the only guaranteed way.
    Seriously, I can only suggest strong passwords and keep everything secure and do regular backups.
  • Profile picture of the author msuper28
    I'd advise you to buy an anti-DDoS feature for your website (like Cloudflare); also disconnect all of your logins on all of your devices (tablet, PC, smartphone, etc.), go to your main mail address, make a strong password only for your mail, then use different passwords for each of your login pages. This should secure your data better this way.
    • Profile picture of the author It Is Me
      How about changing the login page address to something hard to guess?
  • Profile picture of the author NatesMarketing
    I too recommend a service like CloudFlare.
  • Profile picture of the author TomVa
    Wait, someone is just trying to log in? Block their IP in WordFence. Also, there are scripts that will change the location of your admin sign-in page; you would do well using that, and it's free.

    PS: use Limit Login Attempts and better-wp-security; that's the one that does the changing of your admin path.
  • Profile picture of the author neelshopno123
    1. Limit Login Attempts
    2. Change Login URL
    3. Use 2 step verification to login
  • Profile picture of the author Hafeez
    Restrict your login page URL to your IP address only. Add an extra layer of security using .htpasswd to prevent brute-force attacks.
  • Profile picture of the author vikash_kumar
    This is one of the most common issues with any other site, whether that is on WordPress or not.

    Because it is on WordPress, it is easier to do, as the login URLs are known to all. That is why you are facing this issue, which is commonly known as "brute force attacks".

    You can easily prevent this issue by installing plugins. One such plugin is https://wordpress.org/plugins/rename-wp-login/ which will change the login URL.

    I hope, this will help you.
    • Profile picture of the author master reseller
      Originally Posted by vikash_kumar

      This is one of the most common issues with any other site, whether that is on WordPress or not.

      Because it is on WordPress, it is easier to do, as the login URLs are known to all. That is why you are facing this issue, which is commonly known as "brute force attacks".

      You can easily prevent this issue by installing plugins. One such plugin is https://wordpress.org/plugins/rename-wp-login/ which will change the login URL.

      I hope, this will help you.
      Thanks for this link. I was just about to ask if there was a way to rename that page, as it had been suggested earlier that the login page is known to all. Being able to obscure that page so only you know the login URL is the key to ensuring against brute force attacks.
  • Profile picture of the author NestZone
    Do not use the same password online.
    If you run a WordPress site, expect much more.

    We had a complaint from a client who had about 22,000 Admin login attempts a month on one of his sites.
  • Profile picture of the author awledd
    My site was hacked about 2 yrs ago, twice within a week. I was relieved after I installed the 'login lockdown' plugin, which blocks login attempts after a certain number of tries. Never had an issue after that.
  • Profile picture of the author azsno
    Originally Posted by wilks3y

    Hi All,

    I have a website that isn't very popular or big, but for some reason it has become a massive target for hackers (what I believe are hackers, anyway).

    I have WordFence installed, and for about the last 2 weeks, every day without fail, someone is trying to log in to my Admin account.

    I've reverse searched the IPs trying to connect and they are generally from China, Russia and Vietnam.

    Is there anything I can do to put them off?

    Thanks,
    Alex.
    You can purchase the PAID version of WordFence (it has the capability to BAN Countries), then simply BAN China, Russia, and Vietnam...

    That will STOP any traffic from those countries getting to your site...

    ~AzSno...
  • Profile picture of the author cfountain
    These attacks are a risk with every account / software on the net. This is not just a WordPress issue. I have my web hosting WHM/cPanel account settings configured to send me an email when the maximum failed login attempts are reached.

    In fact, I started getting alarms the minute the server was setup. I literally got alarms while the ISP company was still configuring the server before they gave me the login info.

    I get password failure alarms all day long, mostly from IP addresses in China and Russia, but also from other places, including a few from the US. A lot of hosting providers turn off these alarms by default. I don't get them at all from my Hostgator account, but I know they are trying them too. I think they just scan all IP address combinations.

    Most of these hackers use software that helps them route their attempts via multiple locations via proxies. It is very likely that the IP addresses listed in the logs are not the true IPs of the hackers.

    Their software will automatically continue to retry new password combinations via different proxies over a long period of time, keeping track of past password combinations retrying new ones in each attempt. They just set it and forget it and wait for the software to report a successful login.

    It appears that they often know the default alarm settings for different software and automatically switch to a new IP before hitting the alarm threshold, trying to go unnoticed. I changed my settings from alarming after 10 tries to 3 tries and the number of alarms I received jumped way up. So it is obvious that they are trying to change IP addresses before hitting the alarm maximum.

    The moral of the story is that you should never think your site or any online account is 100% secured. For WordPress, the suggestions listed previously are all great ideas. Using plugins that lock out users on failed attempts and automatically blacklist IP addresses is great, and changing the name of the admin file is also great. The hacker software knows the default (and commonly used) file names for popular software, so renaming those files will make them very hard to find and will avoid lazy hackers who just run the software.

    Regarding your accounts and passwords, be sure to follow these guidelines:
    * Change your passwords regularly. There was a recent story about a Russian hacker team that stole something like a billion usernames and passwords from all over the net - sites big and small. So it is important to change them regularly.
    * Use strong passwords. Use software such as KeePass to generate super strong passwords.
    * Use strong account names - don't name the administrator account Admin or Administrator. Make it hard to guess the account names.
    * Use different passwords for all of your online accounts. If a hacker gets your email account password, he may then see statements from your bank, credit cards, hosting account, WordPress, Facebook, etc. If you use the same password for any of those other accounts, then he just got full access to those accounts also.

    I highly recommend using KeePass to manage your passwords. It has literally changed my life. Instead of trying to remember hundreds of accounts and passwords, I only have to remember one to open the software. From there I can launch and login to any other account very easily. KeePass will help you generate highly random passwords for each account and set a reminder to change them regularly. The software is free and open source so there is no hidden code hiding back doors or other unknown risks. There are so many cool automation tricks you can do with KeePass, I cannot live without it!

    Be smart, but expect to get hacked eventually. Plan for it, have a recovery plan, back up your site often!
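
The IP rotation described in the post above is why per-IP lockout thresholds miss slow, distributed guessing. The following added example (not part of the original thread or any plugin's code) counts failures per targeted account instead; the log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: failed logins as "ISO-time ip username" (documentation IPs).
# Each source stops after 2 tries, staying under a per-IP alarm of 3.
SAMPLE_LOG = """\
2014-09-01T10:00:05 203.0.113.10 admin
2014-09-01T10:00:40 203.0.113.10 admin
2014-09-01T10:01:10 198.51.100.7 admin
2014-09-01T10:01:45 198.51.100.7 admin
2014-09-01T10:02:20 192.0.2.33 admin
2014-09-01T10:02:50 192.0.2.33 admin
2014-09-01T10:03:30 203.0.113.77 admin
2014-09-01T10:04:00 203.0.113.77 admin
2014-09-01T11:30:00 192.0.2.99 alex
"""

def parse(log):
    """Yield (timestamp, ip, username) for each non-empty line."""
    for line in log.splitlines():
        if line.strip():
            ts, ip, user = line.split()
            yield datetime.fromisoformat(ts), ip, user

def per_ip_alarms(events, threshold=3):
    """Classic lockout logic: IPs with at least `threshold` failures."""
    counts = defaultdict(int)
    for _, ip, _ in events:
        counts[ip] += 1
    return sorted(ip for ip, n in counts.items() if n >= threshold)

def per_account_alarms(events, max_failures=5, window=timedelta(minutes=10)):
    """Flag accounts with >= max_failures failures inside a sliding window,
    whatever the source IP. Returns {username: distinct IPs at first alarm}."""
    recent = defaultdict(deque)   # username -> deque of (timestamp, ip)
    alarms = {}
    for ts, ip, user in sorted(events):
        q = recent[user]
        q.append((ts, ip))
        while q and ts - q[0][0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and user not in alarms:
            alarms[user] = len({src for _, src in q})
    return alarms

if __name__ == "__main__":
    events = list(parse(SAMPLE_LOG))
    print("per-IP alarms:     ", per_ip_alarms(events))       # none fire
    print("per-account alarms:", per_account_alarms(events))  # admin is flagged
```

Alerting on the account rather than the source also shows which usernames are being guessed, which is where a non-default admin name and two-step login pay off.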
    • Profile picture of the author NobleSavage
      Really? People are using WP plugins to secure WP? That seems like the most ass backward method of security.
  • Profile picture of the author damoncloudflare
    Hi,

    You could look at using something like BruteProtect or GetClef as well.