Building a website is cheap, but not protecting it is costly.

massive-brute-force-attack-dec18

We use Wordfence as a default on all new WordPress client sites that we create for good reason. Here’s a scary reminder that while building a website has become quick, easy, and relatively cheap your company / nonprofit / church / community group should not take WordPress security for granted with cheap hosting and no one overseeing these sorts of things:

This is the highest volume brute force attack we have seen to date. It may also be using the fresh credentials that were provided in the database released on December 5th, so it may achieve a higher than normal success rate. Please spread the word among the WordPress community to create awareness of this new threat.

via Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

Published by Sam Harrelson

I'm the head of Harrelson, where we work with churches, nonprofits, and businesses on marketing strategy and consulting. This has been my personal blog about marketing, tech, religion, art, history, scifi, family, and life in general since 2006.

Join the Conversation

2 Comments

  1. Wordfence is great, but it is not enough. Update, update, update!
    And keep recent backups of your website files and database backed up somewhere else, in case disaster strikes you can restore things and patch them up easily.

Leave a comment

Leave a Reply

%d bloggers like this: