WordPress Brute Force

WordPress is one of the largest content management systems around and is often a target to a plethora of attacks. Recently WordPress brute force attacks have become more and more common. These brute force attacks are using a large amount of automated attempts to guess your username/password. Although there is no one method to prevent these attacks, there are things you can do to protect your website.

-Be sure to have a strong password with at least eight characters in total, upper and lower case characters, numbers, and special characters.
-Change your default WordPress admin username
-Ensure WordPress installation is up to date
-Secure WordPress dashboard
-Setup security plugin(iThemes Security)

These steps should help prevent brute force attacks and keep your site secure. It is important to ensure the security of your website and availability when you have a web presence and taking these small steps will increase that ability to do so. Also for apache servers you can secure your dashboard manually using your .htaccess file. Please replace with your IP address(fetchip.com) if you wish to block access to your dashboard by IP address. As for the referrer method, which is non-intrusive and only prevents bots, you can just change the domain(example.com) with your own. Be sure to keep the back slash before the period.

Block access to dashboard by IP:
<Files wp-login.php>
order deny,allow
Deny from all
allow from

Block WordPress logins without referrer:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(.*)?example\.com [NC]
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteRule ^(.*)$ – [F]

iThemes Security Plugin:

Harden WordPress:

We don't mean to brag but...

These are some of our statistics:

Avg Response Time
Server Uptime
Issues Fixed
Trees Planted

What Our Customers
Have To Say

About three years ago we were looking for a new server provider, the problem that we were having was we are not “server guys” and we had over 400 clients to take care of. So anytime we tried to get support we had to submit a ticket, try to explain what was going on, and then pray that the response was in some form that we could understand.

After the on-boarding with Green Olive Tree, they told us that we had twice as much server than we needed and they were not set up right. Thank goodness we have found someone that really looked at what we want to do and gave us real actionable advice. It is safe to say that we have found our server company, and now we can focus on growing out business and not have to worry about the reliability of our support.

Thanks again Green Olive Tree, You Guys Rock!

John Owens

Green Olive Tree has been an invaluable resource to my company allowing me to focus more on my business instead of the management of servers. In the five years I have done business with GOT I have had zero downtime. Knowing that everything is being kept up-to-date and they are proactively patching system flaws gives me peace of mind that I didn’t have before finding Green Olive Tree. Jon has always made himself available when I’ve needed advice or help on upgrading servers or software and I can’t imagine ever going back to managing a server without GOT.

Chris Smith

Green Olive Tree has been very good to us. Jon has helped us scale from 200,000 unique’s visitors a day to over 3 million per day. From 1 server to now 14 on a well-structured load balanced failsafe system. Not only that he has managed to reduce our server resources 3 fold by installing the right kind of software so we’re getting more power out of each server for the same price. He always responds very quickly and stays up at all kinds of crazy hours to help us out, the man never sleeps! I guess that’s why he was a Navy Chief, he brings that discipline into his work and that’s what we love.

Anthony Lipari

Call us today at (800) 269-6465
We can help, contact us today.

Copyright © Green Olive Tree

/* LinkedIn Tag */