
WordPress Hacking Warning

blogging

A week ago, Aaron Brazell alerted me to “a brute force attack underway on a global scale” against WordPress sites. The attackers are exploiting a known vulnerability: the fact that “admin” is the default user account. Those who started their sites in recent years had the option to change that during setup; those with older sites were stuck with it. So anyone with enough computing power can simply try password after password against WordPress installs using the username “admin.”

Aaron recommends “a strong password and install[ing] a plugin that limits failed login attempts.” I already had a strong password. Yesterday, I had a plugin installed that limits failed login attempts. Overnight, I had two instances where a brute force attack was thwarted at OTB.

In addition to those steps, I took another important one Monday: I renamed my “admin” account to something else. Matt Mullenweg, the guy behind WordPress, points to directions explaining how. Essentially, you create a new admin account, log out, log in as the new account, and then delete the old admin account, attributing all of its posts to the newly created account. If it was anyone other than Mullenweg pointing to those directions, I’d have been leery. But I did this myself in five minutes and it reassigned some 23,500 posts instantly.

If you own a WordPress blog, do these things today. If you don’t, why are you still reading?


About James Joyner
James Joyner is the publisher of Outside the Beltway, an associate professor of security studies at the Marine Corps Command and Staff College, and a nonresident senior fellow at the Atlantic Council. He's a former Army officer and Desert Storm vet. He has a PhD in political science from The University of Alabama. Views expressed here are his own. Follow James on Twitter.

Comments

  1. Jim Swift says:

    Good advice here on setting up two-step authentication and lockout procedures.

    http://blog.hartleybrody.com/set-up-wordpress/


  2. Dave Schuler says:

    Yes, I was alerted to this problem some time ago. My !#$% web host even disabled comments on my blog briefly while the attacks on WordPress blogs hosted by them were under way.

    My administrative login hasn’t been “admin” for some time and I installed the plug-in to limit login attempts years ago.


  3. John Peabody says:

    …because I’m curious. Dang, way to end a post, dude.


  4. James Joyner says:

    @John Peabody: Ha. Just an acknowledgment that the information is mostly of interest only to other WordPress site owners.


  5. John Peabody says:

    No sweat. Do whatever is needed to protect our beloved OTB.
