security

Blog - Jun 17, 2016

Some Basic Steps For Securing wp-admin Directory of a WordPress Website

Adding server-side password protection (such as BasicAuth) to /wp-admin/ adds a second layer of protection around your blog's admin area, the login screen, and your files. This forces an attacker or bot to attack this second layer of protection instead of your actual admin files. Many WordPress attacks are carried out autonomously by malicious software bots. Simply securing the wp-admin/ directory might also break some WordPress functionality, such as the AJAX handler at wp-admin/admin-ajax.php. See the Resources section for more documentation on how to password protect your wp-admin/...

Marshall | | 0 Comments | 1 min read

Blog - Mar 1, 2015

Simplest Way to Protect Your WordPress Website from Brute Force Login Attempts

There is brute force attack on almost every WordPress based website. The frequency can be more or less but it usually happens with most of the sites (unless you are hidden from search engines or your site is published privately without the world knowing it. The best way to look for such attacks and curb them is to install a plugin to stop brute force attack on WordPress sites. Wordfence do it well and here is screenshot of the monitoring email address which gets a notification every time someone tries to get nasty with your websites. To protect your site, you need to install Wordfence and...

Marshall | | 0 Comments | 1 min read

Blog - Feb 17, 2015

Ban Hammer, A WordPress Plugin That Blocks Registering of Certain Email and Domains

If you want to block some email addresses or specific domains, you can use this plugin called Ban Hammer which allows you to block users from registering on your website. You can use this WordPress plugin to prevent unwanted users from registering on your website: Ban Hammer

Marshall | | 0 Comments | 1 min read