" />" />

Wordfence WordPress Security Works

Wordfence WordPress Security Works

Beating Back Door Burglars.

 

A few weeks ago, I found out that hackers had destroyed the website owned by a friend of mine. The site took many weeks to build, and overnight all of that good work was gone.

It was her business showcase and more importantly her revenue source.

Now it was trashed and offline.

You can imagine how upset she was, and how uneasy she felt about anonymous people gaining entry to the website Admin back office and maliciously tampering with her property.

Who would do such a thing?

It got me thinking about my own website security, or lack of it. (Actually, we now run around 100 WordPress sites!)

It is practically impossible to patrol all of them, and to see if any files were already vulnerable or compromised. In any case, I wouldn’t have a clue what to do even if they were. I had absolutely no idea if the same vermin were trying to break into my own online estate.

The incident served as a wake-up call.

What I needed was an alert and vigilant cyber sentry, on duty 24 hours a day.

I set about a little research, and eventually found an incredible free WordPress plug-in to do the job.

Before I tell you exactly what it is, let me say that what I discovered after installing it on just one website completely shocked me.

I found out that every single day there were multiple attempts to log into the admin dashboard, recover lost passwords and to gain un-authorised entry. The plug-in listed the exact countries, IPs and origins of the attacks.

It also showed me fake “bots” regularly “crawling” my website and probing on behalf of the attackers.

Using the settings panel, I switched on an alert email to warn me each time an elicit attempt was made to break and enter.

My inbox was overflowing within 24 hours.

My next action, based on this scary information, was to turn on a feature that excluded the evil visitors from gaining access to the public or private side of the website ever again.

There can be no legitimate reason at all why anyone in The Russian Federation, Ukraine, Romania, Lithuania or Nigeria would want to pretend to have Admin rights to any of my websites and gain access.  I have absolutely no business coming in from them, yet time and time again, I received warnings that people in those countries had tried to log in.

So what were they up to?

At worst, they could be planting pornography, stealing transactions, using the site for phishing, pornography, dealing in drugs, money laundering, organizing terrorism, engaging in espionage, selling fake designer goods, medications, or just getting a sick kick from undoing hard work.

After using the plug-in for a few days, I discovered how to make all of the “banning” actions work automatically. I elevated the security level to zero tolerance. Just one transgression produced lifetime exclusion for the hacker.

My first test was enlightening, frightening, and conclusive.

It doesn’t matter who you are, you are at risk from having your website invaded and possibly banned by your hosting company.

I have rolled the plug-in out across my network of websites.

The same astonishing results were duplicated everywhere, because around the clock hackers were trying to take control by logging in.

Once installed, the software automatically scanned and found altered files, and thankfully restored their integrity.

It is so satisfying to know that for the time being the hackers are defeated.

The plug-in is actually called WordFence. There may be many other WP firewalls, but I am very confident that this one is doing a great job to secure my online business.

The worst hacking offenders use a hosting outfit called kimsufi.com

 

 

 

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>