Defend your WordPress site

WordPress can be a terrific website platform. However, its popularity and its open source nature make it a favorite target for attackers. Two real-time defenses:
WordPress logo

  • WordPress Simple Firewall plugin: detects bad behaviors by comment spammers, blacklisted clients. and brute force password crack attempts
  • http:BL WordPress plugin: redirects visitors who are on a public dynamic blacklist to a honeypot page, which is seeded with unique email addresses that can give away spammers.

One plugin that logs malicious activity:

  • SEO Redirection plugin: logs 404 (page not found) errors. Reviewing the log file allows an administrator to block future access of IP addresses that attempted to discover cracks in his or her firewall or execute administrative PHP scripts.Caveat: Use care to ensure that you don’t mistakenly block search engines’ spiders and other legitimate robots. (I’d erroneously blocked three IP addresses that are used by the GoogleBot spiders. That explains why the website suddenly disappeared from Google’s search results.  D’oh!)

I use and recommend all three of these WordPress plugins on self-hosted WordPress installations. They work. I’m amazed by the persistence of attackers on my WordPress sites. (Most attacks originate from Russia, Ukraine, China, Netherlands, Germany.)

Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s