Part of cybersecurity.gr advice to shield your WordPress site. Tips simple, with little or minimal cost, to ensure that unwanted users will not get access to your site and will not steal critical data hosted on afton.To first part can be found here.
5. Prevent multiple login attempts
The brute-force method is quite widespread and used by cybercriminals to try to form the randomlogin usernames and passwords, to finally gain access to the management platform.
One of the most effective ways to block such "attacks" is to block certain IP addresses that will try to make login random credentials. There is, namely, the ability to automatically «lock out» specific users when they try unsuccessfully to enter the administrative part of the site over one or more times.
6. Security databases
If you do not already know, WordPress uses a MySQL database, which is created in the server hosting your website. In this database, the username and password that will be used to enable the concession rights read and write to the WordPress build some plugins, should be "strong".
Also, avoid using the same credentials to other MySQL databases if the same server and other hosted WordPress websites.
If someone else has gone, instead of you, in the configuration of the site, then this audit is needed to be done.
7. "prohibited", the word "admin" as the username
In the vast majority of WordPress websites you have an account with username «admin», which usually has elevated administrative rights (in older versions of WordPress this account is createdautomatically).
Because of this, the script used by cybercriminals to conduct a «brute-force» attack, first check all the username «admin». For this, then, that account be sure to remove, or even to modify the rights.
Instructions to change the «admin» account can be found here , but if you are unsure of your skills in the management of your site, it is best to consult a professional.
Continued ...
Aucun commentaire:
Enregistrer un commentaire