This is the site hacking email Andrew had passed on…it’s long but has useful links…bottom line he says just make sure your WordPress users DO NOT have a user named “admin” & install the Limit Login Attempts plugin

If you’re running a WordPress site, now would be a good time to ensure you are using very strong passwords. According to reports from HostGator and CloudFlare, there is currently a significant attack being launched at WordPress blogs across the Internet. For the most part, this is a brute-force dictionary-based attack that aim to find the password for the ‘admin’ account that every WordPress site sets up by default.

Both CloudFlare and HostGator, as well as a number of other hosting providers, have taken measures to protect their customers. Besides choosing a very strong password – which is always a good idea – you can also install a number of WordPress plugins that limit the number of login attempts from the same IP address or network to put a stop to these brute-force attacks.

Sara (I think) also did mention the plugin BulletProof Security which uses an htaccess file for its security.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s