I am going to assume you do not know what a brute force attack is, hopefully you have never encountered one and touch wood you will never ever have to go through the process of having to clear up the mess after being involved in an attack.
To put it simply, a brute force attack is where someone hacks into your account, makes changes to your content or worse still- deletes everything. Quite honestly it makes me feel sick to my stomach the very thought of this happening – but it does happen. Just recently I saw it happen to someone and they are still trying to pick up the pieces.
If you read my post showing you how to back up your blog then you will know the importance of making a back up regularly. This ensures you have a copy should anything happen to your blog. However, a brute force attack can leave you locked out of your blog, unable to reinstate the content. It may mean abandoning your blog altogether.
What can you do to prevent this from happening to you?
Now, I have not read anything to suggest that this happens on Blogger, it seems to be more common on WordPress sites- possibly as bloggers will more than likely be self hosted, therefore more vulnerable.
- The first step to becoming secure is to choose a great password (this is applicable to everyone, not just WordPress users). Choose something that would be almost impossible to guess- I use a phrase rather than a word.
- Secondly, make sure you have the ‘All in one WP Security’ plugin installed- this will take you through various options to make your site safer.
- Lastly – and most importantly- within the all in one security there is an option to rename your wp-admin. I used to have a plugin for that but it is un-maintained now so I don’t trust it! You can do the same within the security dashboard.
When you log in to wordpress you type in www.yourblogsite.com/wp-admin right? and that brings up your login window.
The problem is, /wp-admin is the default for every wordpress user out there. This makes hacking into your site just that little bit easier. What you want to do is hide that login page so that only you know where it is!
So what will the hackers see?
If anyone should try and go to your original extension of /wp-admin then they will be met with this screen…
The only way anyone will be able to get to your dashboard will be to know the secret extension- and hopefully the only person who knows that is you.
Have you been a victim of hacking?
47 Comments
Everything Mummy
March 26, 2015 at 7:31 amgreat tips katy I’m going to install the plug ins you suggested later better safe then sorry!! x
Katy
March 27, 2015 at 10:59 pmDefinitely! Thanks Amy xx
Kim Carberry
March 26, 2015 at 9:37 amEek! Great advice…For once I am glad to be on Blogger.
Katy
March 27, 2015 at 10:57 pmHaha, I know- frightening isn’t it? x
Catherine
March 27, 2015 at 10:03 amThank you for the advice Katy, will check the plug-in out.
Katy
March 27, 2015 at 10:50 pmHope it helps xx
Sarah Christie
March 27, 2015 at 9:01 pmGreat post Kate I am off to find that plug in xx
Katy
March 27, 2015 at 10:42 pmAh good Sarah, glad it was helpful x
Jenny @ Unremarkable Files
March 28, 2015 at 12:45 amThanks, I’m now going to have nightmares. And then go back up my blog.
Katy
March 28, 2015 at 7:50 pmHaha! Hope you have managed to back it up x
Adventures of a Novice Mum
April 1, 2015 at 4:31 amThanks for this; I’ll be checking out the suggested plugins. I can’t even begin to imagine the horrors of having this kind of attack; my word … that someone would even consider doing this to someone else is mind boggling. Thanks loads. #aNoviceMumTwitterFeed
Katy
April 3, 2015 at 9:10 pmIt really doesn’t bear thinking about! x
Jenni - Odd Socks and Lollipops
April 2, 2015 at 10:12 amThank you so much for sharing this, I am going to be installing the plugins you’ve suggested. It’s just too horrible to think about!!
Katy
April 3, 2015 at 8:40 pmIt really is awful to think it! x
Jenni - Odd Socks and Lollipops
April 22, 2015 at 9:38 pmI tried downloading and installing both of these two plugins but for some reason it then meant my site wouldn’t load, not sure if it was a compatibility thing or not, going to try them individually first to see which caused the problem!
Katy
April 23, 2015 at 7:48 pmOoh err, not sure why that would happen! Maybe it is your theme just doesn’t allow it. Just make sure your password is great and you should be fine xx
Sammy From Mamma With Love
April 2, 2015 at 4:04 pmFab tips! Just installed the plug ins! X
Katy
April 3, 2015 at 8:38 pmGood news! Glad it helped! x
Hannah Mums' Days
April 2, 2015 at 9:06 pmOoh great post – I’d not even thought anyone would be arsed to hack my blog but what if they were?!? Some fab tips, I’ll make sure I follow asap!
Thanks for linking up xxx #TheList xxx
Katy
April 3, 2015 at 8:33 pmYou never know when it could strike! Better safe than sorry xx
Rosie
April 14, 2015 at 3:57 amGreat tips – thank you! Never knew any of this was even possible! Am definitely going to look into these plugins now…
Katy
April 14, 2015 at 9:45 pmAwful to think of it isn’t it? x
Mum in Brum
May 1, 2015 at 9:42 amWow I never really gave blog security much thought – thanks so much for posting this and for the great plugin tips – I will definitely be installing these eek! x
Katy
May 2, 2015 at 8:45 amGood good! xx
MummyWrites
May 16, 2015 at 9:36 pmOoooo thanks great tips! Really enjoying this series x
Katy
May 18, 2015 at 11:00 pmThank you 🙂 x
Mum to a Monster
May 17, 2015 at 7:05 pmthanks fo these tips, ive just installed the plugins
Katy
May 18, 2015 at 10:40 pmFab!! x
MummyWrites
May 30, 2015 at 2:50 pmHi Katy
I’m trying to follow some of these but I can’t see a Plugin menu anywhere on my WordPress admin. Would you know what I’m doing wrong?
Katy
May 30, 2015 at 7:03 pmHi lovely, the reason is because you are not self hosted- you have a .wordpress.com account and therefore have limited abilities in your dashboard. Don’t worry though, being with wordpress in this way means you are fully protected as they will be in charge of the admin and security. If you ever switch to self hosted wordpress you would have more options in your sidebar xxx
MummyWrites
May 30, 2015 at 7:23 pmHi Katy – thanks so much, that’s really good to know! 🙂
Katy
May 30, 2015 at 8:38 pmYou’re welcome xx
Cathy (MummyTravels)
June 2, 2015 at 12:08 pmFantastic – have just done ALL of these…
Katy
June 7, 2015 at 9:27 amFab!! x
Kirsten Toyne
June 18, 2015 at 6:04 amThis is great. Thank you. I will do this straightaway. I did wonder about the admin bit. It is so easy to find and then the username always pops up so it is down to one password. You may have saved many blogs.
Katy
June 25, 2015 at 9:22 pmExactly, you can never be too careful xx
Jenny
July 8, 2015 at 1:33 amSuch great tips listed here and I am making note of them and trying to go do the plugin to rename my log in area right now and a harder password too. To start protecting myself. I already use a plugin to back up but who knows if they could delete that too. I dont know what I would do working so hard every day for past two years I can’t even imagine. Thank you for sharing your knowledge.
Katy
July 14, 2015 at 3:30 pmHope you are all sorted now Jenny, your blog is awesome so would hate anything to happen xx
Jen / Who Let the Mum Out?
July 22, 2015 at 11:52 pmGreat advice! I’ve installed the All in one WP Security plugin and I feel my site is much more secure now. Thanks!
Katy
July 23, 2015 at 8:08 amIt is great as you can adjust the settings to suit you 🙂 x
Helen | Wonderfully Average
July 25, 2015 at 8:39 pmScary stuff! Thanks for the tips will be installing these plugins tonight
Katy
July 27, 2015 at 8:58 amOh good! Can’t be too safe. x