What is Brute Force Attack? It is a popular attack on websites using open source, especially WordPress websites. And WordPress website users are no stranger to this form of attack.
But, what exactly is this form of attack? How to combat Brute Force Attack? These two important questions will be answered in this article.
What Is Brute Force Attack?
It is simply a hacker who handles a large number of popular users and passwords, constantly executing login queries into the wp-login.php file. If there is any wrong account, the hacker will ignore it and try the next one. Then continue to mix the passwords to execute the other login queries until he/she is successfully logged in. That’s the essence of Brute Force Attack.
When Do You Encounter Brute Force Attack?
Your website is vulnerable to Brute Force Attack when it comes to login account security issues and the following issues:
- Password is not strong, easy to guess and popular
- No login path security
- Username is usually ‘admin’ or similar
- Do not change your password frequently
How To Fight Brute Force Attack?
To combat Brute Force Attack you need to fix the problems of login account security including:
- Naming a hard-to-guess username
- Set strong passwords with many special characters, and not include personal information
- Secure login path
- Frequently change password
- Limit the number of false logins
You should also use the following plugins to combat Brute Force Attack:
- Brute Protect: Block bad IPs and Brute Force queries
- Limit Login Attempts: Limit login attempts
- Better WP Security: Hide the login path, limiting the number of false logins
- Login Security Solution: Require strong password, change password frequently and limit login times
If you want more security, you can use Key Captcha to generate test code.
Security is a very important issue, you should equip your personal account as well as your website the necessary tools to not be the situation of stealing personal information, unfortunately.
If you have any questions, please leave a comment and I will answer as soon as possible. Thank you!