WordPress is a fantastic blogging and website platform used by millions of sites. As such, it’s an obvious target for hackers. That’s one reason why it’s very important to always keep your site up to date.
When a new version of WordPress or one of the plugins you use is released, install it right away. Fortunately, this is a super simple process, so it’s pretty easy to keep WordPress secure in this manner (many updates resolve bug fixes or security issues).
One big shortcoming
One big shortcoming of WordPress, however, is that it lacks the ability to limit bad login attempts. Most systems will prevent you from trying different passwords over and over again, as that’s a clear sign someone is attempting to hack in.
Enter the “Limit Login Attempts” plugin.
Limit Login Attempts fixes this problem. The plugin allows you to limit bad login attempts to an amount you specify. If that limit is exceeded, login attempts are prevented from that particular ip address for a specified period of time (which you configure). This will lock out the bad guys, but leave you with access to your site from any other ip address.
I’ve installed this on all my WordPress sites and have been surprised by the number of times it’s protected them. I get an alert each time an ip address is locked out, and they come along all too often. I’m glad I installed this, and recommend you install it on your WordPress sites.
Let’s be careful out there.
Photo credit: zipemfish