Results 1 to 21 of 21
  1. #1
    What's the word? Rhia7's Avatar
    Join Date
    January 13th, 2006
    Posts
    9,578
    Arrow Protect Yourself from WordPress Hack Attacks
    Here's an article from Forbes with good advice to
    protect your WordPress site from attacks:

    "Wordpress Under Attack: How To Avoid The Coming Botnet"

    Wordpress Under Attack: How To Avoid The Coming Botnet - Forbes
    ~Rhia7 -- Remember the 7
    Twitter me

  2. Thanks From:

  3. #2
    What's the word? Rhia7's Avatar
    Join Date
    January 13th, 2006
    Posts
    9,578
    ~Rhia7 -- Remember the 7
    Twitter me

  4. #3
    ...and a Pirate's heart. Convergence's Avatar
    Join Date
    June 24th, 2005
    Posts
    6,918
    Salty kisses, Sandy toes, and a Pirate's heart...

  5. #4
    What's the word? Rhia7's Avatar
    Join Date
    January 13th, 2006
    Posts
    9,578
    Better WP Security

    WordPress › Better WP Security WordPress Plugins

    The description sounds good but can a one click activation really do it?
    ~Rhia7 -- Remember the 7
    Twitter me

  6. #5
    Member
    Join Date
    November 6th, 2011
    Location
    Chicago
    Posts
    62
    Thanks for posting this. I'm always looking for ways to Harden WordPress

    One thing I do is rename the database prefix when I first install WP. It's easy to do with a fresh install, just change the config file. I think it requires a few extra steps with an existing site.

    I do this because bots are searching the web for databases with the WP- prefix
    (wp-youdatabase). They then attack those sites. Change the WP to anything else and those bots don't see your site.

  7. Thanks From:

  8. #6
    Member
    Join Date
    March 6th, 2011
    Posts
    97
    Quote Originally Posted by Rhia7 View Post
    Better WP Security

    WordPress › Better WP Security WordPress Plugins

    The description sounds good but can a one click activation really do it?
    I use this plugin (thanks to your previous recomendation ;-)

    Its not realy one click since once its installed you have to go thru and select which features you want to use - basicaly turn each one on one at a time and make sure it plays well with your other plugins and server setup, if a rule messes something else up then you have to decide whether to do without that rule or change something else.

    Basically it holds your hand thru the stuff linked to in this previous thread by writerguy and some more stuff (backups, logs, warning emails, and other stuff)

    Like I say I've been using it for about 3 months now it seems good.

    I selected all the tweaks apart from one and it works fine.

    One thing that I then change manually is that Better WP Security sets the permissions on both .htaccess and wp-config.php to 444. I modify the permisions on wp-config.php to 440

    Apart from the security and backups the logs can be very helpful. The other day I changed the settings on another plugin and didn't notice that it had messed up some of the sites navigation untill BWPS notified lots of 404 errors which didn't seem to be bots. I then spotted the error!

    All in all it seems pretty good

  9. Thanks From:

  10. #7
    Member Nytshade's Avatar
    Join Date
    March 9th, 2012
    Location
    South Africa
    Posts
    54
    By the time these articles were posted, the hackers have already moved on to a new technique haha... you're never safe but these help from the amateur hackers so thnx for sharing. Much Appreciated.

  11. #8
    Member
    Join Date
    November 29th, 2010
    Posts
    138
    I used to have my sites hacked, but since I started to use non-default default username (instead of admin) and different database prefix i didn't have any problem.

  12. Thanks From:

  13. #9
    Newbie Allen Payne's Avatar
    Join Date
    July 3rd, 2013
    Location
    Romania
    Posts
    11
    I use Better WP Security along with Wordfence. There are both great plugin, they are free and work smoothly together. I've tried quite a few of them and found these two to be the best ones so far.

  14. #10
    Newbie
    Join Date
    October 11th, 2013
    Location
    India
    Posts
    4
    Hello Guys, By the time this post, the hacker already moved on to a new technique hahah...... your're never safe but these help from the amateur hackers.

  15. #11
    Member
    Join Date
    November 29th, 2010
    Posts
    138
    It is important but you need to change default username and database password, otherwise you will be hacked anyway.

  16. #12
    Newbie
    Join Date
    April 3rd, 2014
    Posts
    2
    i use Better WP Security but i was hack anyway ;/

    always someone create new way to hack site's

  17. #13
    Newbie
    Join Date
    April 3rd, 2014
    Posts
    2
    Thanks for this reference. Actually I am using Wordfence security plugin for my blog and its really works fine for me.

  18. #14
    Newbie
    Join Date
    April 4th, 2014
    Posts
    5
    Thanks for this!

    another great tip is to make your passwords alphanumeric and sticky caps, plus add a (dash) -

    robots would take a lifetime to crack that.

  19. Thanks From:

  20. #15
    Member
    Join Date
    March 6th, 2011
    Posts
    97
    A quick upate to my review of the plugin above:

    Better WP Security has been bought by iThemes and changed its name to iThemes Security about 10 days ago. Its not been smooth transition - there's been 12 updates in just over a week due to various ongoing problems.

    Hopefully they'll get it fixed soon. In the meantime if you are thinking of using iThemes Security I'd recomend you wait a few weeks and see how things pan out.

  21. #16
    Newbie
    Join Date
    April 3rd, 2014
    Posts
    6
    Thanks for all of these posts as a newbie I did not give it a thought about my site being hacked. Great information all!

  22. #17
    Affiliate Manager
    Join Date
    February 1st, 2013
    Posts
    66
    Yeah, this info is timeless. Wordpress is certainly here to stay; for the time being. Has this continued to be a problem over time? The Heartbleed scare recently was enough to stop hearts in a minute. How many of you were affected by either Wordpress being hacked or your G+ account security compromised? Guess it's time to change that password. Right?

  23. #18
    Member
    Join Date
    March 6th, 2011
    Posts
    97
    Quote Originally Posted by Ritchie View Post
    A quick upate to my review of the plugin above:

    Better WP Security has been bought by iThemes and changed its name to iThemes Security about 10 days ago. Its not been smooth transition - there's been 12 updates in just over a week due to various ongoing problems.

    Hopefully they'll get it fixed soon. In the meantime if you are thinking of using iThemes Security I'd recomend you wait a few weeks and see how things pan out.
    Update to the update:

    Things have now calmed down again, no more daily updates and all seems to be back to normal with "iThemes Security"

  24. #19
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    Quote Originally Posted by vishwa1989 View Post
    Thanks for this reference. Actually I am using Wordfence security plugin for my blog and its really works fine for me.
    I have used Wordfence for over a year. There is at least one break-in try per day (several sites combined). So far Wordfence has prevented the walls of the castle from being breached.
    You must climb this mountain. There is no elevator. ---- Don't stick your finger in the liquid nitrogen.
    Carolina China

  25. #20
    Beachy Bill's Avatar
    Join Date
    November 20th, 2005
    Posts
    8,266
    I, too, am a Wordfence fan.
    Bill / Marketing Blog @ 12PM - Current project: Resurrecting my "baby" at South Baltimore..
    Cute Personal Checks and Business Checks
    If you are too busy to laugh you are too busy.

  26. #21
    Member
    Join Date
    March 6th, 2011
    Posts
    97
    Quote Originally Posted by Witzer View Post
    I have used Wordfence for over a year. There is at least one break-in try per day (several sites combined). So far Wordfence has prevented the walls of the castle from being breached.
    When you say breakin attempt do you mean attempts at login to the beckend?

    How does wordfence block it?

    Heard a lot of good comments about wordfence, also people using the two together.

  27. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. new mass hack/exploit for WordPress
    By John Powell in forum Blogging, Mobile and Social Media
    Replies: 6
    Last Post: November 28th, 2008, 10:54 PM
  2. Google can't hack it?
    By buy_online in forum Search Engine Optimization
    Replies: 16
    Last Post: January 9th, 2006, 08:41 AM
  3. Redirect hack?
    By PetsWarehouse.com in forum Midnight Cafe'
    Replies: 31
    Last Post: January 11th, 2004, 09:14 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •