Books    Photo Galleries    Blog    Elsewhere    About


Ads precede the content. I don't control the ad content, but money flows to me if you click on them.

December 27, 2011

Avoiding WordPress login hackers

Filed under: blog,hacking,security,software,wordpress — Tags: , , — admin @ 3:44 pm

Lately in my server logs I’ve been seeing a lot of attempts to hack into WordPress. The hackers appear to have automated means of working well-known exploits such as to timThumb.php and phpMyadmin, but also I’ve seen persistent efforts to do brute force login attacks using a big password set. A lot has been written about the exploits and patches exist for them that you can find elsewhere, but the simple way I avoid the most common brute force login hackers out of the gate is to not even have the well-known wordpress login script wp-login.php visible. (more…)

Powered by WordPress