This is a guest post by John Samuel . Register and start guest posting here on Serradinho. You can also increase your monthly income by joining our Revenue Sharing Program. You have nothing to lose and so much to gain!
Every website is prone to some or the other attacks from the spammers and hackers (not the ethical ones). The most common way is by attempting to login to the website or certain accounts. There have been attempts of login to various Twitter accounts of the celebrities in the past.
Accounts which have common or dictionary passwords can be easily attacked. The best approach is to choose a strong password for your account.
If you are a blogger, you should protect your account from such attacks. Choosing a strong password is one option. The second option is to protect your account from brute force attacks. The next question will be “What is a a Brute Force Attack?”
A Brute Force Attack is a mechanism to break into a website with all possible combination of passwords till the correct one is found. If your password is simple enough like a word from a dictionary, it can be easily found by the attackers.
Most of the websites lock down accounts for a particular period of time after a certain number of failed login attempts. This ensures the protection of accounts from brute force attacks. You can add the similar feature in your WordPress blog.
Serradinho introduced Login Lockdown in Plugins that should be part of WordPress core functionality. Login LockDown is a WordPress plugin which protects your accounts from brute force attacks.
How does Login LockDown works?
Login Lockdown makes a record IP and time stamp of every failed login attempts. If a certain number of failed attempts is found within a specified period of time from a particular IP, Login Lockdown blocks all login requests from the same range of IP’s for a specified period of time
After installation, your WordPress Login Menu will look something like this
The default settings include 3 Maximum Login retries with 5 minutes of Retry Time Restriction and a lockout period of one hour. Depending on your requirement, you can change these settings.
Protect your WordPress account with LockDown Login. Do you use any other plugin to protect your account?
John Samuel is a Software Engineer by profession. He likes to experiment with various social networking sites and applications around them. He shares tips on social networking and browsing in his blog Browse Easy. Check his blog for the latest tips.
View all posts by John Samuel, there might be other posts that interest you.
{ 28 comments }
Thanks for the great post, I’m sure many users can use some thing extra to protect themselves. Rather be safe than sorry.
I have Login LockDown plugin already installed on this blog for sometime now. Have yet to experience a problem
I also use WP-DBManager for my database, make backups automatically.
Very good post, John. I really liked it.
Thanks
.-= Sahil Kotak´s last blog ..Smashing Saturday: Link Love For Bloggers =-.
Hi George,
Brute Force is really strong hacking arm for hackers and the fearful thing for bloggers.The way you have mentioned here is really strong and recommended way.Wordpress should be integrate the functionality in the core features.
Thanks for sharing and reminding about hackers attacks on the blogs.
.-= Surender sharma´s last blog ..The Homework Before Launching Your New Blog =-.
nice informative post! And i never knew about this plugin as well – thks for info
Cheers
Sandeep
.-= Curious Little Person´s last blog ..Use Onlywire to Auto Syndicate your Content To Millions! =-.
i using password that never mention in any dictionary in this world.. and i think its strong enough.. but there is never too careful..
But still I would like you to use login lockdown. There can be attempts of brute force attacks with different combination of characters.
.-= John Samuel´s last blog ..Decrease loading Time of Wordpress Widgets with Widget Cache =-.
izzat aziz – lets hope it’s not in the dictionary, lol
I first used this plugin when my blog got hacked several months ago. Sometimes, it bothers me when I mistype my password when logging in but it’s a sure winner.
.-= Mathdelane´s last blog ..Seesmic Web Integrates Twitter List =-.
@Mathdelane – sorry to hear that, glad you are back up and running. Rather be sure and safe than reckless.
True. But sometimes we’ve got to learn the hard way and the moment we learn from our mistakes that’s wisdom. I was new to blogging that time.
.-= Mathdelane´s last blog ..Gizmodo Scareware Fiasco and My Two Cents =-.
@ Mathdelane – yes, some of us have to learn the hard way. My site was hacked some time ago and that is not a feeling that I want to experience again
Even I faced this prob..My blog got hacked just after few days..then i reset login n again updated theme to fix this hack.
.-= ankit @ All About India´s last blog ..Yuvraj Singh six sixes video in T20 World Cup Against England =-.
@ankit – it’s better if it gets done in the beginning as you don’t have much info and you learned an important lesson.
Thanks for the post. I was thinking to use this plugin but was not sure. Now i will sure try it out.
.-= Ruchi´s last blog ..Tips to improve your Online Persona =-.
I have already installed this plugin to my blog. I usually prefer SEO and security plugins as the compulsory plugins for any blogger.
.-= Ricky´s last blog ..Check How Funny Is Your Death By The Death Predictor Tool =-.
@Ricky – the plugin will have no effect on your SEO as it’s more got to do with your login page.
I never said that it has something to do with SEO. I said that security and SEO plugins are very essential for any bloggers. One should not neglect security plugins (as well as SEO plugin).
.-= Ricky´s last blog ..Check How Funny Is Your Death By The Death Predictor Tool =-.
@Ricky – sorry then, I misunderstood you. Yes, they are very important and it should be on top of anyone’s list.
Good to see the big fat footer back.
.-= Ricky´s last blog ..Check How Funny Is Your Death By The Death Predictor Tool =-.
@Ricky – got to many emails saying that they liked it more so I reverted back.
Actually, this plugin is very useful and I will definitely try it on my blog soon. Thanks for sharing
.-= Tinh´s last blog ..2 Simple Ways To Restore Your PageRank =-.
Nice app to keep our accounts safe. My teacher, who teaches me Practical Encryption in school, says that all passwords can be unlocked with an appropriate algorithm and powerful computer resources.
.-= Phaoloo´s last blog ..6 Effective Tools To Check Your Site For Broken Links =-.
Have you read Digital Fortress?
.-= John Samuel´s last blog ..Happy Birthday Firefox! It’s 5 years of Happy Browsing =-.
Yeah.. brute force really a good approach made by the hackers!
WP 2.8.5 has some good security features which protects the blogs from such attacks.. cheers!
.-= S.Pradeep Kumar´s last blog ..Grab 7 Free Orkut New Design Invitations : Giveaway =-.
This is another great information bro. Thank you. Well I am a blogger user. But learn about wordpress by reading such type of post.
.-= chandan@work at home´s last blog ..New from google work at home affiliate network =-.
Nice post …..Everybody should use this plugin..
thank you very much…
Good plugin. I will use it for sure! There have been a lot of cases where Wordpress Blogs are hacked and I don’t wish to be among such victims.
.-= Tech-Freak Stuff´s last blog ..5 Most Popular Myths regarding Alexa Rank =-.
@Tech-Freak Stuff – I doubt anybody would want to be hacked, it’s the last thing we wish for.
Comments on this entry are closed.
{ 1 trackback }