Canton, MIPost #: 65
If you haven't heard yet, this past week web hosts and web security companies around the world have reported increased brute force attacks on WordPress and Joomla websites
There are key things you can do to protect your WordPress site:
- Avoid obvious passwords (like "password" "12345" "mypassword")
- Don't use "admin" for your username. If you have an "admin" username, create a new username with admin permissions (you'll need to use a different email address). Delete the old "admin" username account (WordPress will prompt you to assign the old posts, assign the old posts to the new username).
- Use two-factor authorization on WordPress.com
- Update WordPress and your plugins
- Consider installing a security plugin
- Consider using a service like CloudFlare, which blocks login attempts that look like a brute forced attack. CloudFlare has a free plan for single websites.