Lots of Brute Force Attacks on Wordpress sites today

I just wanted to give everyone a heads up that there is a huge concentrated botnet attack against wordpress sites going on at the moment.  Basically they try and log in to your administrative account by guessing your username and password.  There are a lot of steps you can take to help prevent your site from being vulnerable.  The most important step is to make sure that you have a very strong password that uses both Upper and Lower case alphabets, numbers and symbols and is at the very least 10 characters long.  I make mine a lot longer than that.  Also it is VERY important to make sure that your username is not left as Admin or Sysadmin.  I've had 11 attacks on my site this morning already and nearly every one of them tried to log in as admin which is the default username for wordpress. Changing that is important.

There are a whole host of plugins that you can use for security and I'd rather not go into the specifics of which ones I use and I'll explain why in a bit.  Two days ago my spam filters caught two different comments. The first one said


Hοwdy, i read youг blog occasіonally and i owո a similar one and i was just curious iif you get a lot of spam fеedback? If so how do you pгotect against it, any plugin or
anything you can suggest? I get so much lately it’s driνing me mad so any help is very mɦch appreciated.


Notice the misspelled words and the vague reference.  They mention NOTHING specific about my site and this is one way you can usually tell spammers from real comments. I believe this person or bot was fishing for information in the hopes that I would leave a reply telling them the kind of security I use.  

Here's another one:

Thіs is a topiϲ that iѕ close to my heart…

Best wishes! Exactly where are youг contact ԁetails though?

This is a topic that is close to my heart?  It's a freaking book review. And I know my reviews aren't so damn good that they would be close to your heart!  Again notice the vague reference to my site. This is how spammers do it, they'll leave comments such as great site, or thank you for the informative post.  Now some real people may do that too but most of the time it's spammers.  I also think this person was fishing for information such as my email.  I have a way for people to contact me on my site but my email address is HIDDEN on purpose.  It just says contact me.  It's very easy to find ways to do this..  

Here's the newest piece of spam I received 


Hello! I simply would like to give a huge thumbs up for the nice
data you might have right here on this post. I shall be
coming again to your blog for extra soon.

Again notice the vague reference? They're all starting to look the same. I don't provide NICE DATA, I do book reviews and this guy's name was SEO which is a huge black flag to me.  I'm thinking about adding SEO to my blocking list.

While those are just spam the attacks are a whole different matter.  I think those first two spams were connected to some attacks on my site a week ago.  The very next day that same IP tried to log into my account and after 7 attempts I ramped up my security and blocked their IP.  I get real time notices when things like this happen and I had just woken up when it started that day.  Today I woke up after all of the attacks but my security did it's job.  

I'd love to be able to discuss what I use but with someone fishing for information like that I'd rather not reveal what security features I'm using since I have a link to my Booklikes blog on my site and anyone would easily be able to trace it to here and find out.  I doubt it would help them too much knowing what I use but why take those chances.  

  • Anyway I just wanted to give everyone a heads up.  You can only change your Admin name that first time.  I think once you've changed it from Admin then you can't change it again but you can create a new admin account and give yourself admin privileges and then delete the old one but be super careful, test it out before deleting anything.  You wouldn't want to lock yourself out.  Also be sure to make regular backups of your site in the case that it does become compromised.  I'm hoping that the attacks are slowing down but regardless be careful and play it safe.