Stopping brute force and spam attacks
In this article we'll discuss some common solutions you can try to implement if your website has been having malicious users trying to brute force their way in, or if they're leaving spam on your site.
What is a Brute Force Attack?
Many times the applications that you have installed on your website will require a successful login to get to an administrative or members only section. Malicious users will sometimes try to repeatively login again and again using common combinations of usernames and passwords to gain access, and this type of attack is referred to as a brute force attack or brute forcing.
Stopping brute force attacks
If you're having issues with malicious users trying to brute force into certain sections of your website you can typically download a plugin for your software to help block these. You could try installing the Max Failed Login Attempts plugin for Joomla, or you can give the Limit Login Attempts plugin for WordPress a try as well.
Stopping site spam
Also most applications will allow for comments to be left on your website, and malicious users might try to use this to their own advantage by leaving their website address in your comments trying to boost their own search engine rankings.
If you've been having a problem with comment spam on your website you'll probably want to learn about dealing with spam in your posts and comments. That article goes in-depth talking about using a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) system to help deter malicious spam bots from leaving spam comments.
Further attack help
We'll be updating this article as we find new ways to help you stop these types of attacks on your website. If your application doesn't seem to have any type of plugins that will help stop brute force attacks or spam from making it on your site, you might also be interested in learning how to block unwanted users from your site using .htaccess.
If you need any help at all with attacks that are happening on your site, please feel free to comment on this article below with more specifics on the type of problem you're seeing. I can then update this article with the most relevant information to help out the entire community!
Support Center LoginOur Login page has moved. Please click the button below to be redirected to the login page.
2015-02-07 3:40 pm
Maybe suggest 3rd party authentication, like Google authentication that I am now using. Thanks