Unlike hacks, brute force attacks take the easier approach of consistently trying to guess your username and password. Unfortunately, this works since not all site owners have the strongest credentials, especially those who still use the dreaded default ‘admin‘ username. Since brute force attacks don’t halt after a single failed attempt, they can take a devastating toll on your server memory causing performance issues.
To prevent these attacks on your WordPress site, follow these precautionary steps:
- Limit Login Attempts – does what the name says.
- Google Authenticator – allows two-factor authentication to login to your WordPress site. For some, this may seem like overkill, but you can never be too safe.
- WordFence – a robust security plugin with built-in firewall, virus scanning, and a premium version to block specific countries.
Now that you’re informed, spend a few minutes to protect that awesome site. While you’re at it, take out the trash, spam, and erroneous users. Any questions or comments related to these brute force attacks, just ping us in the comments below.