In 2012, my site was exploited, along with many other wordpress sites using outdated versions of TimThumb, a popular PHP-based image resizer. Apparently, their main goal was to use our sites as launch pads to go after major U.S. banks. After clearing out all the junk, I tried using a WordPress plugin called BulletProof Security, and everything seemed to work well.
Recently, I switched over to Better WP Security. I checked the logs and looky what I found:
Several reports say that there was a huge botnet attack on WordPress sites To steal admin passwords and gain server access. Looks like it was a brute-force dictionary-based attack that aim to find the password for the ‘admin’ account that every WordPress site sets up by default. Good thing one of the first things I do on any WordPress installation is change the “admin” username.
Protect your WordPress installation:
- If your username is currently set as “admin”, change it to something custom.
- Change/strengthen your password.
- Make sure you’ve deactivated and deleted all old or unused themes and plugins.
- Install a plugin to limit login requests. I just installed the appropriately titled Limit Login Attempts WordPress plugin.
Note to self: stay vigilant with WordPress security.
Next, read “how to change your WordPress admin username.”