Become Wordpress Professional - Your Ultimate Wordpress Guide

Wednesday, 2 October 2013

How to Reduce Brute Force Attacks in WordPress

stopping brute force attacks in wordpress
WordPress is no doubt one of best, reliable, secure and most use web portal in the world and it is very much difficult to hack a WordPress site because of its clean and clear coding that developed under a professional team of WordPress. But on the other side hackers are introducing new tricks day by day and today the most common WordPress hack trick is to gain access in WordPress panel using Author scan.

This type of hacking is called " Brute Attack " and in this technique a software is used as a bot to scan your WordPress based website to find Authors usernames and then they gain access by exploiting any of them. But this attack can be reduced by adding small snippit of code in your WordPress root .htaccess file.
# BEGIN block author scans

RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]

# END block author scans 
Copy the above code and open your cPanel or web hosting account. Now open your WordPress root directory and open .htaccess file.

This snippet of code will block bots from author scan and reduce Brute Force attacks using bots and hence this code will protect you against WordPress hackers. Keep in mind never use same username and same author name in your WordPress site because finding a username will always help hackers to gain unauthorized access.

Also Read : How to Block Proxy Servers From Accessing WordPress Site


Post a Comment

Please Avoid Spamming. Comments will be moderated before they are published.