Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

forgot password?



Reply


Old
  Post #1 (permalink)   04-11-2013, 04:24 PM
HD Amateur
 
Join Date: Feb 2013
Location: Austin, TX
Posts: 98

Status: paradiseweb is offline
Apparently world wide brute force attack going on right now. Better make sure your clients have their wp-admin pages protected well, and watch your servers for their usage.

http://blog.hostgator.com/2013/04/11...e-force-flood/

__________________
Web Design and Hosting
Network Admin, Computer Science Teacher, Web Designer, and Web Host. I'm kind of busy...
Personal Comp Sci blog
 
 


Old
  Post #2 (permalink)   04-11-2013, 04:47 PM
HD Newbie
 
Join Date: Mar 2013
Posts: 41

Status: InertiaNetworks is offline
Yep. This is happening to most of our WordPress clients.
__________________
Inertia Networks, LLC
@InertiaNetworks
 
 
 


Old
  Post #3 (permalink)   04-11-2013, 07:22 PM
HD Guru
 
HostLeet's Avatar
 
Join Date: May 2009
Location: Florida, USA
Posts: 874

Status: HostLeet is offline
Advise clients using WP to ALWAYS Password Protect their WP admin folder, as recommended by WordPress: http://codex.wordpress.org/Hardening...uring_wp-admin

This, along with CAPTCHA implementation, should take care of most brute-force attacks. Don't forget to also advise your clients to FULLY secure WP, as well... There are many tutorials and guides available on the web, and most methods are very easy to implement. WP can be very secure, if you know what you're doing! One plugin that I always recommend (and use) is "Better WP Security" (even has built-in brute-force prevention) : http://wordpress.org/extend/plugins/better-wp-security/

A comprehensive and detailed KnowledgeBase + regular notices/emails (automated or manual) to each of your clients can do wonders as a pre-emptive measure to protect your customers and servers. You'd be surprised at how many of your customers will actually listen to YOUR advise (use this!).

As their web host, they see you as a leading expert in the hosting field, this is why they signed up with your company in the first place. Therefore, any advise you can give your clients, specially if it helps protect their website, will be noticed. Our upstream provider notifies us of any outdated WP installation on the servers, we then pass this info to the client, manually, and in a more personal manner.

We inform them of the dangers of running outdated scripts (specially WP) and then show them how to fix the problem. We setup a KB article on our website to help customers secure their WP sites. This info is freely available on the web, we simply facilitated the search for our clients.
__________________
HOSTLEET.COM, LLC - Elite Website Hosting Since 2008!
Fast Reliable Affordable Secure Friendly & Courteous
RISK-FREE Money Back Guarantee PCI-Compliant Checkout

Last edited by HostLeet : 04-11-2013 at 07:30 PM.
 
 
The Following 2 Users Say Thank You to HostLeet For This Useful Post:
Artashes (04-11-2013), SenseiSteve (04-26-2013)
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: