Security Questions/Ideas on Hackers

  • Hello Everyone. If this is in the wrong Forum – let me know and I will move it.

    I am having constant internet traffic with users trying to hack/login to my site – https://www.myeventdj.com. I am using a security plugin – All in One WP Security by Tips and Tricks HQ, Peter, Ruhul, Ivy. I have done many of the things that the plug in suggests – as in renaming the login page, disabled the admin account, and more.

    I constantly get the following e-mails from the security plug in notifying me of IP addresses trying to login – failing – and then locking themselves out – see an example below:

    A lockdown event has occurred due to too many failed login attempts or invalid username:
    Username: admin
    IP Address: 69.90.188.153

    IP Range: 69.90.188.*

    Log into your site’s WordPress administration panel to see the duration of the lockout or to unlock the user.

    I could lock the IP’s out with my firewall – but thought that there might be a better way.

    I am a newbie – and just wanting to know what else I can to make the hackers go away and stop eating up my bandwidth.

    Thanks all!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator t-p

    (@t-p)

    you may want to implement some (if not all) of the recommended security measures.

    Thread Starter ferbert

    (@ferbert)

    Hi Tara – yes I have implemented 90% of those. I wanted to see if others knew of a way to maybe even keep the hackers from getting to the login page. I assume they are since they are trying to log in.

    You should also employ a WAF service to better protect the admin page and shield your website from malware and ddos.

    Hackers won’t go away! It’s what they do and they like doing it.

    Our site was hacked twice, the second time someone managed to install themselves as an admin. I spotted that fortunately.
    I changed every password for REALLY complex ones, including access to cpanel, installed Bulletproof and Wordfence. There is stuff in Jetpack too. And another plugin that I forget. I feel a bit safer now and can permanently block suspicious IP addresses.

    The fact that you are seeing IP addresses being blocked indicates your security is working. You can check IP addresses against a site such as this https://www.tcpiputils.com/ to see if they are blacklisted.

    If you want a crash course on Security that is written so anyone can get it, go check out wordfence.com/learn It’s 100% free and will walk you through the basics and give you the why’s and how’s of wordpress security.

    tim

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Security Questions/Ideas on Hackers’ is closed to new replies.