5 tips for preventing ‘brute force’ hacking attacks on your WordPress blog

WordPress blogs are currently receiving a pounding from hackers using “brute force” methods to try to break into their admin panels. It seems that the miscreants of the world have nothing better to do than try to make the lives of others miserable.
Keeping your blog safe from hackers gets more difficult every day as their determination and skills get stronger and stronger. But there are a number of things you can do to help keep your blog safe and secure, and I have explained a few of them in this post.
Here are 5 tips for preventing your WordPress blog from falling victim to a brute force hacking attack:

1 – Use a strong password that is hard to crack yet easy to remember. This post will tell you how.

2 – Never use the default WordPress username admin. Instead, log in to your WordPress control panel, click on Users and then add a new user with a username of your choosing. Give that new user account Administrator privileges, then delete the default admin user. Note: WordPress can transfer authorship of all posts created by the admin account to the new user account during the deletion process.

3 – While in the admin panel, click on Plugins>Add New. Search for a great plugin called Login LockDown, then install and activate it. Login LockDown will prevent new attempts to log in to WordPress for a specified period of time after a set number of consecutive failed login attempts. This prevents a bot from trying one new password after another until it finally finds the right one. This plugin is amazing!

4 – ALWAYS keep your WordPress core files, themes and plugins up to date. Most updates are distributed to plug known security holes, and every minute that you wait before installing them gives the hackers that much extra time to find and attempt to break into your blog. I install all updates immediately upon their release (or as quickly as I possible can).

5 – Never log in to your WordPress control panel on a PC that’s connected to the Internet via an open, non-encrypted Wi-Fi connection. This is a sure-fire way for a nearby hacker to learn your username and password.

While using these tips won’t guarantee that your WordPress blog will never get hacked, they will definitely make the job a LOT harder for the hackers. And since most hackers prefer picking low-hanging fruit (blogs that are insecure and easy to hack), they’ll probably give up on yours after a few attempts and move on to a more suitable target.