10 Tips To Protect WordPress Site With Brute Force

Hello Friends, if you watch or read regular news, you must have heard the name of Brute Force Attack. Hackers use it to hack a site. If you are a wordpress user then you must also be worried that how to protect your site from it? So this is what we are going to tell you about in this post.

A lot of people are connecting to the Internet and nowadays a lot of work has been done online. The more people connecting to the internet, the more fun hackers will get. You all will know that nothing on the Internet is safe. If you read news related to internet, then you will know this very well.

In the news regular you will hear about hacking. There are millions of hackers on the Internet who hack thousands of sites every day. In such a situation, the owner of any site should care about the security of their site and keep it strong.

If you are a blogger, then you should not only write a blog post, but with this the blog should also do the tasks required for maintenance. That is, along with writing articles on the blog, its security should also be maintained.

We are going to talk about brute force attack in this post. Many people will not even know about it, so we will try to tell it in details below. Many wordpress users are stressed how to protect your blog by giving brute force attack? So for this we will tell them some tips.

What is Brute Force Attack?


This is the most common to hack the wordpress site. In this, hacker tries to login in a login page in a site by Random Characters, Numeric Combination, Symbols. Using this, sometimes the site is hacked in a very short time, but sometimes it may take too long.

People who use weak or simple username and password in their blog, their site gets easily hacked by it. Because it tries to login by guessing the username and password.

The hacker does not do this on his own, but is logged in by giving randomly the username and password through the automatic software. Thousands of usernames and passwords are tried to login by the software every minute. So sometimes we get hacked in a short time but in many cases it takes months.

1) Secure Your Computer!


“Security starts right at home.” That is, security starts from your home. If you want to secure your site, then you have to secure your computer. Because you work on the computer itself and if there is any problem in it, then the security of your site will also be weak.

Often, we save the admin username and password of our blog in computer hardware. Doing this can prove very dangerous for you. Perhaps you should know that in this way the login detail of your blog can be leak on the internet. So saving username or password in email accounts or Evernote is not a good idea.

2) Change to Login Url Wp Of your WordPress Website


If you use the default login URL (example.com/wp-login.php) in your wordpress site, then it can become the biggest factor in getting your site hacked. You will know that the first login page of your site is accessed in brute force attack. Then you can login by giving random username and password in it.

So when you change the login page URL of your site, hacker will not be able to access your site’s login page. You will also see many big bloggers that they keep changing their login page url address. With this you can make the security of your site very strong. For this you can read this post.

3) Your WordPress website Disable registration other user:

When new user registration is allowed in our site, then anyone easily create an account in it. This can make our blog a victim of hackig. By the way very few Hindi bloggers allow guest blogging. If you also do not allow this, then you can disable new user registration. For this, you can login to wordpress and go to Settings »General and disable it.

4) Use a well-coded WordPress theme:


When you start blogging, free theme is very good for you at that time. If you do not have money yet, then the free theme is very good for you. I see some new blogger that he wants to use premium theme but he has no money. Because of which they use its nulled version. I had also written this post, in which I told that why should not use the nulled theme?

If you use nulled plugin or theme in your blog, then you can be a victim of hacking at any time. You can also be a victim of brute force attack.

5) Install WordFence:


Wordfence is a complete and affordable solution for the security of a WordPress site. In this, you will get almost features, as much as a premium security plugin.

Still uses this plugin and I will tell you to use its free version only. In this you can also see real time attacks. It also works to block these attacks.

6) Have a backup plan!


Oh No! It should be at the top of my list. I always suggest to my readers to keep regular backup of your blog. Bye the way, if you ever fall victim to hacking, you can resolve your problem by restoring your backup.

I like to take my blog backup manually. For this, we have also written a post about how to manually backup a blog? There are many plugins available for this, which you can use.

7) Use Strong Username:


Only username and password are required to login to our blog. Many new bloggers do not give value to username and keep a weak username like Admin, while creating their blog. This has a huge impact on the security of their site.

You will remember that when a brute force attack occurs, it tries to login by giving random username in it. So the first thing is not to keep the “Admin” username and choose a strong username.

8) Use Strong Password:


Often, new bloggers have seen me making such a mistake that they keep a weak password for blog login. Those people think that how can anyone know my mind and that is why they keep any kind of password.

You know that people will try to login to your blog by guessing the password. The biggest thing is that when you keep a weak password, then your blog can be easily hacked by brute force attack. This can play a very important role of strong password to protect the blog.

9) Block IP’s:


When someone tries to login to our site several times by giving wrong username or passsword, then we can block his IP address. You will know that this process is also used in brute force attack, so we can block his IP address and prevent him from accessing the login page.

If you want to know the IP address of the attacker, then for this you can track through WordFence or Limit Login Attempts plugin.

When you find his IP address, you can do it by going to Security »IP deny manager folder in cpanel to block it.

10) Use Limit Login Attempt Plugin:


This is a very good way, so that you can be very safe from brute force attack. When someone repeatedly tries to login with the wrong username and password, their IP address will be blocked.

With this you can set login attemps and when someone crosses it, his IP address will be blocked automatically. You can enable it in your WordPress blog through the plugin. You can use the WP Limit Login Attempt plugin.

Bonus

11) Enable Two Factor Authentication:


You can protect to a great extent from brute force attack by enabling two factor Authentication in your blog. This enables extra security in your site. When you login to the wordpress site, after entering the username and password, you will need the authentication code which will be in your phone’s Google Authenticator app.

With this, when someone logs into your blog, in addition to username and password, authentication code will be required which will be in your phone. You can read this post for its complete information.

Friends, in this way you can protect your blog from brute force attack. Hackers hack thousands of sites every day using this method. If you follow the above mentioned tips, then your site will be completely secure from this attack.To ask questions related to this post, comment and share the post in social media.