WordPress Security

Security is currently a very hot topic for WordPress users.

Over the last 3-4 weeks there have been several warnings about security vulnerabilities, followed by several updates to plugins and to WordPress core to patch those vulnerabilities. At Confluence Web Solutions, we decided to go a step further in protecting our site: last week we installed the Sucuri WordPress plugin, "Sucuri Security – Auditing, Malware Scanner and Security Hardening".

https://wordpress.org/plugins/sucuri-scanner/

Right out of the gate we liked this plugin for the following reasons:

  1. It scans your site and tells you whether your site has been infected in any way.
  2. The scan results also tell you whether any known weaknesses are present in your configuration. For example, it points out where PHP execution should be disabled and where access to key locations should be restricted, such as the wp-config.php file, the .htaccess file, and directory browsing.
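As an added illustration of what a hardening check like the one in point 2 actually looks for, here is a small audit script (my own example, not Sucuri's code). It inspects a WordPress document root for the four items named above: directory browsing disabled, wp-config.php and .htaccess protected, and PHP execution blocked in the uploads directory. The exact rules Sucuri tests for are not documented on this page, so the script assumes the common Apache .htaccess directives for each item, and it builds a throwaway sample site so it can be run offline.

```python
"""Audit a WordPress docroot for common .htaccess hardening rules.

Added example, not the Sucuri plugin's code. The directives checked for
are assumptions based on standard Apache hardening advice; adjust the
patterns if your host uses nginx or a different rule set.
"""
import os
import re
import tempfile

# (check name, .htaccess path relative to the docroot, regex that must match)
CHECKS = [
    ("directory browsing disabled", ".htaccess",
     re.compile(r"^\s*Options\s+.*-Indexes", re.I | re.M)),
    ("wp-config.php protected", ".htaccess",
     re.compile(r'<Files\s+"?wp-config\.php"?>', re.I)),
    (".htaccess protected", ".htaccess",
     re.compile(r'<Files\s+"?\.htaccess"?>', re.I)),
    ("PHP execution disabled in uploads", "wp-content/uploads/.htaccess",
     re.compile(r'<FilesMatch\s+"[^"]*php', re.I)),
]


def audit_docroot(docroot):
    """Return {check name: True if the hardening rule is present}."""
    results = {}
    for name, rel_path, pattern in CHECKS:
        path = os.path.join(docroot, rel_path)
        try:
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
        except OSError:
            text = ""  # a missing .htaccess means the rule is not in place
        results[name] = bool(pattern.search(text))
    return results


def missing_hardening(docroot):
    """List the checks that failed, i.e. the items a scanner would flag."""
    return [name for name, ok in audit_docroot(docroot).items() if not ok]


# Constructed sample .htaccess contents (Apache 2.4 syntax) for the demo.
HARDENED_ROOT_HTACCESS = """\
Options -Indexes
<Files wp-config.php>
    Require all denied
</Files>
<Files .htaccess>
    Require all denied
</Files>
"""
UPLOADS_HTACCESS = r"""
<FilesMatch "\.(php|phtml|php\d)$">
    Require all denied
</FilesMatch>
"""
DEFAULT_ROOT_HTACCESS = "# BEGIN WordPress\nRewriteEngine On\n# END WordPress\n"


def build_sample_site(hardened):
    """Create a temporary docroot; hardened=False mimics a stock install."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    uploads = os.path.join(root, "wp-content", "uploads")
    os.makedirs(uploads)
    with open(os.path.join(root, ".htaccess"), "w") as fh:
        fh.write(HARDENED_ROOT_HTACCESS if hardened else DEFAULT_ROOT_HTACCESS)
    if hardened:
        with open(os.path.join(uploads, ".htaccess"), "w") as fh:
            fh.write(UPLOADS_HTACCESS)
    return root


if __name__ == "__main__":
    for label, flag in (("stock install", False), ("hardened install", True)):
        gaps = missing_hardening(build_sample_site(flag))
        print(f"{label}: {'OK' if not gaps else 'missing -> ' + ', '.join(gaps)}")
```

Run it against a real docroot by calling `missing_hardening("/var/www/html")`; an empty list means all four rules were found. Note that the check only proves the directives are present in the file, not that Apache honours them (`AllowOverride` must permit them), so treat a clean result as a first pass rather than proof.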

There are several other reasons why this plugin is great, but here is one more: it monitors, logs, and reports failed login attempts.

If you have read any of my prior posts on WordPress security and hardening your sites, you know that I NEVER use 'admin' as a username. So, when I received the following email this morning, I knew that someone, or some bot, had found my login page and was trying to gain access using 'admin' as the username.

Subject: Failed Login

Login Info:
Time: May 13, 2015 8:41 am

Website Info:
Site: http://confluence.solutions
IP Address: xx.xx.xx.xxx

Notification:
User authentication failed: admin

Explanation: Someone failed to login to your site. If you are getting too many of these messages, it is likely your site is under a brute force attack. You can disable the notifications for failed logins from here [1]. More details at Password Guessing Brute Force Attacks [2].
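One notification is a nuisance; the value of logging failed logins is in correlating many of them. The script below is an added example (my own code, not the Sucuri plugin's) that parses notifications in the format of the email above and applies the two rules the post relies on: an IP that fails repeatedly within a short window is brute forcing, and any attempt against a username that does not exist on the site (such as 'admin' here) is someone guessing. The sample notifications, the list of real usernames, the threshold and the window are all constructed for the demo; the IP addresses come from the RFC 5737 documentation ranges.

```python
"""Parse Sucuri-style failed-login notifications and flag brute force.

Added example, not the plugin's code. Field names follow the email body
quoted in the post; everything else here is an assumption for the demo.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Regexes for the fields in the notification body (format from the post).
FIELD_RE = {
    "time": re.compile(r"^Time:\s*(.+)$", re.M),
    "site": re.compile(r"^Site:\s*(\S+)", re.M),
    "ip": re.compile(r"^IP Address:\s*(\S+)", re.M),
    "username": re.compile(r"^User authentication failed:\s*(\S+)", re.M),
}


def parse_notification(text):
    """Turn one notification body into a dict; raises on a malformed body."""
    record = {}
    for key, pattern in FIELD_RE.items():
        match = pattern.search(text)
        if not match:
            raise ValueError(f"notification is missing the {key!r} field")
        record[key] = match.group(1).strip()
    # The email's timestamp looks like "May 13, 2015 8:41 am".
    record["time"] = datetime.strptime(record["time"], "%B %d, %Y %I:%M %p")
    return record


# Assumed site facts for the demo: these are the only real accounts.
REAL_USERNAMES = {"cws_editor"}
THRESHOLD = 3                   # assumed: failures per IP that count as brute force
WINDOW = timedelta(minutes=10)  # assumed: ...within this sliding window


def analyse(records, real_usernames=REAL_USERNAMES,
            threshold=THRESHOLD, window=WINDOW):
    """Return (brute_force_ips, probing_ips).

    brute_force_ips: IPs with `threshold` failures inside any `window`.
    probing_ips:     IPs that tried a username that does not exist here.
    """
    failures_by_ip = defaultdict(list)
    probing = set()
    for rec in records:
        failures_by_ip[rec["ip"]].append(rec["time"])
        if rec["username"] not in real_usernames:
            probing.add(rec["ip"])

    brute_force = set()
    for ip, times in failures_by_ip.items():
        times.sort()
        # Slide a window of `threshold` consecutive failures along the list.
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                brute_force.add(ip)
                break
    return brute_force, probing


def make_notification(time, ip, username, site="http://example.com"):
    """Build a constructed notification body in the post's email format."""
    return (f"Subject: Failed Login\n\nLogin Info:\nTime: {time}\n\n"
            f"Website Info:\nSite: {site}\nIP Address: {ip}\n\n"
            f"Notification:\nUser authentication failed: {username}\n")


# Constructed sample: one IP hammering 'admin', one legitimate typo,
# and one single guess at a username that was never created.
SAMPLE_NOTIFICATIONS = [
    make_notification("May 13, 2015 8:41 am", "198.51.100.7", "admin"),
    make_notification("May 13, 2015 8:42 am", "198.51.100.7", "admin"),
    make_notification("May 13, 2015 8:43 am", "198.51.100.7", "admin"),
    make_notification("May 13, 2015 9:10 am", "203.0.113.5", "cws_editor"),
    make_notification("May 13, 2015 9:30 am", "192.0.2.9", "administrator"),
]


def report(notifications=SAMPLE_NOTIFICATIONS):
    """Parse and analyse a batch of notifications; returns the two sets."""
    records = [parse_notification(body) for body in notifications]
    brute_force, probing = analyse(records)
    for ip in sorted(brute_force | probing):
        tags = ["brute force"] * (ip in brute_force) + ["probing"] * (ip in probing)
        print(f"{ip}: {', '.join(tags)}")
    return brute_force, probing


if __name__ == "__main__":
    report()
```

Feeding the script a mailbox export of these notifications (one body per element of the list) gives a short list of addresses worth blocking at the firewall or in the plugin's own blocklist, and the "probing" set is useful on its own: a single attempt against a username you never created is a reliable signal even before the rate threshold is reached.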