In this article we'll discuss some common solutions you can try to implement if your website has been having malicious users trying to brute force their way in, or if they're leaving spam on your site.

What is a Brute Force Attack?

Many times the applications that you have installed on your website will require a successful login to get to an administrative or members only section. Malicious users will sometimes try to repeatively login again and again using common combinations of usernames and passwords to gain access, and this type of attack is referred to as a brute force attack or brute forcing.

Stopping brute force attacks

If you're having issues with malicious users trying to brute force into certain sections of your website you can typically download a plugin for your software to help block these. You could try installing the Max Failed Login Attempts plugin for Joomla, or you can give the Limit Login Attempts plugin for WordPress a try as well.

Stopping site spam

Also most applications will allow for comments to be left on your website, and malicious users might try to use this to their own advantage by leaving their website address in your comments trying to boost their own search engine rankings.

If you've been having a problem with comment spam on your website you'll probably want to learn about dealing with spam in your posts and comments. That article goes in-depth talking about using a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) system to help deter malicious spam bots from leaving spam comments.

Further attack help

We'll be updating this article as we find new ways to help you stop these types of attacks on your website. If your application doesn't seem to have any type of plugins that will help stop brute force attacks or spam from making it on your site, you might also be interested in learning how to block unwanted users from your site using .htaccess.

If you need any help at all with attacks that are happening on your site, please feel free to comment on this article below with more specifics on the type of problem you're seeing. I can then update this article with the most relevant information to help out the entire community!

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Like this Article?

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

News / Announcements

WordPress wp-login.php brute force attack
Updated 2014-07-17 06:43 pm EST
Hits: 200926

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!